
I am creating a database to store our clients' information at work (a heritage center specializing in DNA-based genealogy). Once the results of a test come back, we have people who use the information generated on sites such as 23andMe to find relatives and send out invitations for relatives to connect with our clients. This is done with the client's permission. The accounts belong to the clients; they just give us permission to use them. This is why we do not use our own usernames and passwords (the client needs to be able to log in to the websites too).

I have the database entry program mostly done, but one thing I need to be able to do is pull up their usernames and passwords (in plain text) so we can log on to the 3 different websites we use.

What I want to do is create an overall password that, when applied to what is entered into the password field in the data entry program (to save the password) or pulled from the DB (to retrieve the password), converts it to and from plain text (be able to go back and forth between plain and encrypted using 1 key).

Then each of our employees with permission to view the plain text passwords has their own unique password that, when entered, produces the key mentioned above.

The database I am working with is MySQL and the program our workers are using to manipulate the MySQL DB is being written in Java. Any Java based examples or links to examples would be great.

KnightOfNi
traisjames
  • Let me see if I get this straight. The employee enters their password which gives them the key to encrypt/decrypt the customer's password. All employees will likely have different passwords though, correct? – mikeazo Apr 15 '14 at 19:15
  • That is correct. They don't need to see the key themselves, just have the key stored in the program to convert the password to clear text. – Apr 15 '14 at 19:23
  • The best way would be to use a more secure delegation system (like OAuth). That way your customers don't have to give you their credentials. It looks like 23andme supports OAuth (https://api.23andme.com/docs/). Not sure if the other services you would need to access do, however. – mikeazo Apr 15 '14 at 19:34
  • @mikeazo I thought about that while looking at related results while writing the OP. Two of our other websites, GedMatch.com and Ancestry.com, do not support OAuth or anything else, besides Ancestry supporting Facebook connection. – traisjames Apr 15 '14 at 19:50
  • This one just came up that is related: http://security.stackexchange.com/questions/56477/what-should-i-do-when-i-need-to-store-passwords-for-usage-in-3rd-party-softwrae – mikeazo Apr 23 '14 at 18:36

1 Answer


I'm not sure this really offers much security, but the best way I see to do it is:

  1. Have a master key.
  2. Encrypt each customer password with the master key.
  3. Encrypt the master key with a key derived (PBKDF2 or similar) from each employee's password.

Then, when an employee logs in:

  1. Generate the employee's key from their password.
  2. Decrypt the master key.
  3. Use the master key to decrypt customer passwords.
David
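An added worked example of the scheme in this answer (not code from the question or the answer), written in Java because that is what the asker's entry program uses. It relies only on the JDK's javax.crypto: PBKDF2-HMAC-SHA256 turns an employee password into a key-encrypting key, and AES-256-GCM is used both to wrap the master key (one wrapped copy per employee) and to encrypt each client password. The class and method names, the employee "alice", client id 42, the site strings and the iteration count are all assumptions made up for the demo; the byte layouts (salt || iv || ciphertext) are likewise a choice for this example, not a standard.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

public class CredentialVault {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int SALT_LEN = 16, IV_LEN = 12, TAG_BITS = 128, KEY_BITS = 256;
    // Assumed value: tune so one derivation takes a noticeable fraction of a second on the login machine.
    private static final int PBKDF2_ITERATIONS = 210_000;

    // Step 1 of the answer: one random AES-256 master key for the whole vault. It is never stored in the clear.
    static SecretKey newMasterKey() {
        byte[] k = new byte[KEY_BITS / 8];
        RNG.nextBytes(k);
        return new SecretKeySpec(k, "AES");
    }

    // Step 3 / login step 1: employee password -> AES key via PBKDF2-HMAC-SHA256 with a per-employee salt.
    static SecretKey deriveEmployeeKey(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, PBKDF2_ITERATIONS, KEY_BITS);
        try {
            byte[] k = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
            return new SecretKeySpec(k, "AES");
        } finally {
            spec.clearPassword(); // PBEKeySpec keeps its own copy of the password; wipe it
        }
    }

    // AES-GCM with a fresh random IV; output is iv || ciphertext+tag. The AAD ties the blob to its DB row.
    static byte[] seal(SecretKey key, byte[] plaintext, byte[] aad) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(aad);
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(iv.length + ct.length).put(iv).put(ct).array();
    }

    // Throws AEADBadTagException if the key, the AAD or the ciphertext does not match.
    static byte[] open(SecretKey key, byte[] blob, byte[] aad) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN));
        c.updateAAD(aad);
        return c.doFinal(blob, IV_LEN, blob.length - IV_LEN);
    }

    // Per-employee row in the DB: salt || sealed master key, with the employee id as AAD.
    static byte[] wrapMasterKey(char[] employeePassword, SecretKey master, String employeeId)
            throws GeneralSecurityException {
        byte[] salt = new byte[SALT_LEN];
        RNG.nextBytes(salt);
        SecretKey kek = deriveEmployeeKey(employeePassword, salt);
        byte[] sealed = seal(kek, master.getEncoded(), employeeId.getBytes(StandardCharsets.UTF_8));
        return ByteBuffer.allocate(salt.length + sealed.length).put(salt).put(sealed).array();
    }

    // Login steps 1-2: re-derive the employee key from the stored salt and recover the master key.
    static SecretKey unwrapMasterKey(char[] employeePassword, byte[] row, String employeeId)
            throws GeneralSecurityException {
        byte[] salt = Arrays.copyOfRange(row, 0, SALT_LEN);
        byte[] sealed = Arrays.copyOfRange(row, SALT_LEN, row.length);
        SecretKey kek = deriveEmployeeKey(employeePassword, salt);
        return new SecretKeySpec(open(kek, sealed, employeeId.getBytes(StandardCharsets.UTF_8)), "AES");
    }

    // AAD for a client credential: which client and which site it belongs to.
    static byte[] credentialAad(int clientId, String site) {
        return (clientId + "|" + site).getBytes(StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Setup with constructed sample data (rows you would INSERT into MySQL as BLOB/VARBINARY).
        SecretKey master = newMasterKey();
        char[] alicePw = "correct horse battery staple".toCharArray();
        byte[] aliceRow = wrapMasterKey(alicePw, master, "alice");             // employees table
        byte[] clientBlob = seal(master, "hunter2".getBytes(StandardCharsets.UTF_8),
                                 credentialAad(42, "gedmatch.com"));          // clients table

        // Login step 3: employee recovers the master key, then decrypts a client password.
        SecretKey recovered = unwrapMasterKey(alicePw, aliceRow, "alice");
        byte[] pw = open(recovered, clientBlob, credentialAad(42, "gedmatch.com"));
        System.out.println("client 42 / gedmatch.com: " + new String(pw, StandardCharsets.UTF_8));
        Arrays.fill(pw, (byte) 0);   // clear the plaintext once it has been used

        // Failure modes: wrong employee password, and a blob copied into a different client/site row.
        try {
            unwrapMasterKey("wrong".toCharArray(), aliceRow, "alice");
        } catch (AEADBadTagException e) {
            System.out.println("wrong employee password: master key not recoverable");
        }
        try {
            open(recovered, clientBlob, credentialAad(42, "ancestry.com"));
        } catch (AEADBadTagException e) {
            System.out.println("ciphertext does not belong to that client/site row");
        }
    }
}
```

What this buys and what it does not: the database at rest holds only ciphertext and per-employee wrapped keys, so a dump of the MySQL tables without an employee password yields nothing. Revoking an employee means deleting their wrapped row, but because they have held the master key in memory you should also generate a new master key, re-encrypt every client password and re-wrap it for the remaining staff. Binding each credential to its client id and site through the GCM associated data stops a ciphertext being moved to another client's row and decrypted there. It does not protect against an employee who can legitimately decrypt and chooses to dump the whole table, which is why the answer opens by doubting how much security this offers, and why logging each decryption per employee and per client is worth adding. Keep passwords and plaintext in char[]/byte[] rather than String so they can be zeroed.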