Search Unity

Security with database

Discussion in 'Connected Games' started by electro_unity, Feb 11, 2019.

  1. electro_unity

    electro_unity

    Joined:
    Nov 29, 2015
    Posts:
    51
    Hi, I am implementing a database on my project. Any ideas where can I look to learn about security (for passwords)?
     
  2. LukeDawn

    LukeDawn

    Joined:
    Nov 10, 2016
    Posts:
    322
    What sort of database? Is it hosted on the same box as your project? How is the data passed to end-users?
     
  3. electro_unity

    electro_unity

    Joined:
    Nov 29, 2015
    Posts:
    51
    The database should contain information relative to the user as well as its username and password. It should be hosted on a server. So the unity application should be able to write/read from the database.
     
  4. aabramychev

    aabramychev

    Unity Technologies

    Joined:
    Jul 17, 2012
    Posts:
    574
  5. LukeDawn

    LukeDawn

    Joined:
    Nov 10, 2016
    Posts:
    322
    Yep, storing passwords you want one way salted encryption, and definitely not MD5 as hash tables for popular passwords are easy to find.

    You also don't want an end-user app being able to access the db directly, as it would contain the info for accessing the db. Ideally, the app used by end-users would connect to a server on the same box as the db, and do the db access, passing resultant data back to the end-user app.
     
    electro_unity likes this.