Paypal Express Checkout api credentials - How to store them properly?
Posted
by
Sequence
on Server Fault
See other posts from Server Fault
or by Sequence
Published on 2012-09-15T00:30:54Z
Indexed on
2012/09/15
3:39 UTC
Read the original article
Hit count: 476
I've been searching the internet and I've come up with a lot of answers of how to store paypal API credentials(Used in Paypal Express Checkout.) They say to hash the credentials using salt. But what I don't understand is how and where to store the salt. If they get access to the salt, can't they just un-hash the credentials? That doesn't seem very secure to me. They say not to hard-code the API credentials, but any other way still seems really vulnerable. Thanks for taking the time to look at my questions. I'd really appreciate help.
© Server Fault or respective owner