cancel
Showing results for 
Search instead for 
Did you mean: 

SQL Anywhere PHP 5.4.12 Password Security

RADical_Systems
Participant
0 Kudos
1,754

Hi All,

When using the SQL Anywhere PHP dll's, (5.4.12 in this case), can anyone tell me what sort of security there is in place for passing the username and password to the database. Is it encrypted in any way.

I don't see any options within the dll to send details encrypted but presume it is so any details would be very useful to put my client's mind at rest.

Thanks,

Alasdair

Accepted Solutions (1)

Accepted Solutions (1)

graeme_perrow
Advisor
Advisor

The connection information is always encrypted using AES before it is sent to the server. If you want bulletproof security (including encryption, protection against replay and man-in-the-middle attacks, and server authentication), you can use TLS. Here is the documentation on the Encryption connection parameter and the -ec server switch, both of which need to be used to make this happen.

RADical_Systems
Participant
0 Kudos

Graeme, thanks very much. That is perfect.

Answers (0)