Paypal Express Checkout api credentials - How to store them properly?

Posted by Sequence on Server Fault See other posts from Server Fault or by Sequence
Published on 2012-09-15T00:30:54Z Indexed on 2012/09/15 3:39 UTC
Read the original article Hit count: 476

Filed under:
|
|

I've been searching the internet and I've come up with a lot of answers of how to store paypal API credentials(Used in Paypal Express Checkout.) They say to hash the credentials using salt. But what I don't understand is how and where to store the salt. If they get access to the salt, can't they just un-hash the credentials? That doesn't seem very secure to me. They say not to hard-code the API credentials, but any other way still seems really vulnerable. Thanks for taking the time to look at my questions. I'd really appreciate help.

© Server Fault or respective owner

Related posts about api

Related posts about credentials