3. FrontBase Specifications
3.2. Key Features
3.2.2. FrontBase Security
Table of Contents
FrontBase provides two layers of passwords for protecting access to databases: database passwords and user passwords.
Database passwordIf the database password is set, a client must send the database password to the server as part of the connection protocol. If the server cannot verify the password, the client connection is closed immediately.
User passwordEach database user can have a password. The password is verified by the server when a session is created for that user. If the verification fails, the session is not created. When a session is successfully created, the protection defined by the SQL 92 standard takes over.
Password handling in generalPasswords may be of any length. Passwords are never exposed outside the client software and they are not even in the database. As soon as an application sends a password to the FrontBase client library, a one-way function is applied to generate a password digest. The function will throw away parts of the password so that it is impossible to deduce the password from the digest. The user name is part of the digest, so two users with the same password will not have the same digest. The password digest is transmitted to the server and used for verification in place of the password.
If you have feedback or questions on this document, please send e-mail to firstname.lastname@example.org. Please reference the section number and topic. Thanks!!
©2000 FrontBase, Inc. All rights reserved.