23. August 2014
Blog , Windows 8
What is Encryption?
Encryption is scrambling data so that it can be only be read someone who has the correct decryption key to unscramble it.
What is Hashing?
As defined a one-way hash function is designed in such a way that it is hard to reverse the process.
Had a recent discussion with another programmer on when to hash information into a database and when to use encryption in a way to be decrypted for later use.
I thought about this for a while and this is what I decided is best practices.
First of all I am using the term Encryption very loosely. All personal client data should always be encrypted in some way.
Use Encryption Keys or Certificates that can be used to encrypt / decrypt information that is considered PCI.
PCI = ( Payment Card Industry Data ) that you need to keep on file and continue to have access to, this way you can still get to the data when you need it but it would be hard for a hacker to make any use of it.
All of the following items should always be hashed into your database and should never be able to be decrypted.
Any and All Passwords - Hashed
Two factor answers to questions like mothers maiden name - Hashed
Best Practices Example:
User (a) creates an account on your website, they select a password and several answers to questions. When you store the information into your data base you use a HASH key to encrypt the data.
When User (a) comes back to your website they try to login you take their password - hash the value - then compare the hashed value with the ( hashed value ) stored in the database. If they match then they entered the correct answer. Otherwise they are not allowed into the system.
The reason is because you never need for anyone to be able to see this information every again! This information is more private than credit card details, and can be used against a user on other websites, and even on phone calls to companies.
Why would you say this is a best practice? Don't be the weakest link!!
Think about it this way, people are creatures of habit, they tend to use the same user Id and password on multiple websites, they answer the same or slightly different questions in the same way, so if their ID and password, and two factor answers are compromised on your website by some hackers then it's a good chance they now have access to other sites like facebook, yahoo, etc. Don't be the weakest link in the chain of websites that is the internet.
Encryption Items for you to research:
Public & Private Keys
MD4 & MD5
How to set the orientation on Windows 8 Phone.
Currently I am using Corona Cards ( alpha ) for Windows 8 game development.
I needed to set the Orientation for the application. I have done this before in normal sample windows 8 phone apps but I could not recall how to. Well someone asked the question before I could and here is the answer.
Visual Studio 2013
Set the orientation in your "MainPage.xaml" file's xml according to
Coding it will work as well, but doing it via XML is simpler.
Do the following:
1) Double click on "MainPage.xaml" in Visual Studio's "Solution Explorer" panel.
2) Observe the Page node in the XML editor.
3) Change the "SupportedOrientations" attribute's value to "Landscape".
4) Change the "Orientation" attribute's value to "LandscapeRight".