I'm asking this after reading so many articles on the internet about hashing & salting, and the entire theme of securing database connection settings.
I'm making an application that uses mysql database. Currently, the connection settings are stored as plain text in the Win Registry. Since this is easy to read, I am looking for a way of protecting this password so that even if some bad guy will be able to read it in the registry, he still won't be able to get into my mysql database.
Lots of threads says I should use password hashing with salting. Can someone experienced help me with this?
-Let's say my db password is "yesican", how do I generate the hash&salt
-How do I use the value I saved in the registry, match it with some key to decided where login information is ok or wrong.
I will surely appreciate a guide in this.