Why Plain Text Is The Enemy Of Good Computer Security Practices

When you are in a certain field then there are certain things that you should know right from the beginning. It does not matter if you are considered a “noob”, if you have read any of the manuals or talked to people in the field then there are simple basics that you just should know. If you do not know these basics when you are asked about them then that means there is a good chance that you do not take that certain field seriously and will probably not have a long career in it. When it comes to computer security there are certain topics that are the same way as well.

plain-text

And one of those topics that you should know in the beginning is why you should not use plain text when you are trying to make something secured. When you first start learning about computer security that is one of the lessons that you hear about the most. And you will hear about it all of the time. That is why there is no good excuse for you to not learn that lesson. Whenever possible you should avoid using plain text cases.

You might be asking what exactly do we mean when we use the term “plain text”. When we say that, what we mean is that you should not use a format that is easily readable by normal text editors. For example, if you are creating an application for the web then there is a good chance that you are going to need to store the login credentials somewhere. So to store the information, you place it in a database somewhere that is on the server. But when you put this information on the server, you do not use any kind of encryption; instead you just put the information right in. That is considered putting the information in a plain text format. Anyone who has access to that server will be able to read that login information. And they will be able to use it for whatever they want.

Another example of using plain text is when you keep your personal information in a normal text file on your computer. This means that when you want to take important notes that are not supposed to be seen by anyone, you just use a normal text editor to do so. Once again, anyone who has access to your computer can just open the files and take a look for themselves to see what is going on. This is not good computer security and is a practice that can put your data at serious risk.

If you want to make sure that your data is safe then you should make sure that it is encrypted. When you are putting important data in a database a person should not be able to look at the data and read what it exactly says. It should be encrypted and have to be decrypted for a person to be able to read it. When you have programming files on your server, for example PHP files, they should have to go through a processor/compiler to be read. A person should not be able to just download the files and read them like they can when you use .inc files in PHP. That gives away your source code and can lead to serious security problems as well.

Plain text information is just not a good idea when you are trying to be safe on the computer. When you are dealing with files that are important they should not be able to read by human eyes without being encrypted first.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind

*