[SOLVED] Security level

[andrea76]

Easy question about security
I have Joomla 3.4.0 - Fabrik 3.2 - PHP 5.3.29 - MySQL 5.5.40-36.1
I make some form with password encrypted and only super user can access to the form.
Into DB the fields are correctly set to BLOB field.
Now my situation is secure or not?
I have high level of security for my passwords?
Hackers can read my password when make SQL injection or other systems?
Thank you for reply.

 

[rob]

That sounds ok as a set up.
You should consider running the form under HTTPS.
Obviously if there are security issues in 3rd party code then sql injections can occur. Keep an eye on the Joomla VEL for updates on known security issues in Joomla extensions

 

[andrea76]

Thanks, last question:
If my site go down, broken, killed!
When I rebuild entire system I can show data encrypted with previous site?

 

[andrea76]

I try to create e new site, I connect my DB with encrypted password but form don't show password.
I cannot use another site for show the password?

 

[troester]

Not sure what you are trying to do how.

As far as I know the element encryption is using Joomla's "secret" parameter.
So I think you must make sure that your "new" site has the same "secret" in Joomla's configuration.php.

 

[rob]

yup that's correct - the secret has to be the same.

 

[andrea76]

GREAT!
I copy "secret" to new site and now I have clear password.
Thanks!