SELECT * FROM USER_DATA;
This results in breaches in which millions of user accounts are compromised. Another problem is that developers roll their own user and password management systems and get things like salting and hashing wrong, leaving the data vulnerable.
What developers need is a minimal, single-purpose database designed specifically to protect user information and to keep user data access separate from the rest of the application data, minimising the impact of access by hackers.
Here are the requirements:
- It should be accessible only via its specialised API, which is designed to constrain the ways that it is accessed.
- It should not provide generalised database query functionality.
- Its API should have password salting and hashing built in.
- Its API should throttle access with some sort of algorithm designed to prevent downloads of large quantities of user data.
- It should encrypt data internally.
- It should communicate only over encrypted connections.
- It should be distributed.
- It should not run on any web server; it should run "behind the scenes" and be accessible only via its API.
- It should include triggers and alerts based on uncommon access patterns or recognised nefarious access patterns.
- It should have no other purpose.
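A sketch of what the API side of these requirements could look like, as an added example rather than an existing product or code from this post. The `UserVault` class, its method names and its limits are hypothetical; it covers the constrained API, built-in salting and hashing, throttling and alerting, and leaves encryption at rest, transport encryption and distribution out.

```python
import hashlib, hmac, os, time
from collections import defaultdict, deque

class ThrottledError(Exception):
    """Raised when one caller touches too many distinct accounts too quickly."""

class UserVault:
    """Hypothetical single-purpose store: no query API, only register/verify."""

    def __init__(self, max_accounts=5, window_s=60.0, iterations=600_000,
                 clock=time.monotonic):
        self._users = {}                  # username -> (salt, hash); never returned
        self._seen = defaultdict(deque)   # caller id -> (timestamp, username) events
        self._max, self._window = max_accounts, window_s
        self._iter, self._clock = iterations, clock
        self.alerts = []                  # stand-in for a real alerting channel

    def _hash(self, password, salt):
        # PBKDF2-HMAC-SHA256 with a per-user random salt
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self._iter)

    def _throttle(self, caller, username):
        now, hist = self._clock(), self._seen[caller]
        while hist and now - hist[0][0] > self._window:
            hist.popleft()                # drop events outside the window
        distinct = {u for _, u in hist} | {username}
        if len(distinct) > self._max:     # bulk-access pattern: alert and refuse
            self.alerts.append((caller, "too many distinct accounts"))
            raise ThrottledError(caller)
        hist.append((now, username))

    def register(self, caller, username, password):
        self._throttle(caller, username)
        if username in self._users:
            return False
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))
        return True

    def verify(self, caller, username, password):
        self._throttle(caller, username)
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        candidate = self._hash(password, salt)   # hash even for unknown users
        return hmac.compare_digest(candidate, stored)
```

The only things a caller can get back are `True`, `False` or a `ThrottledError`, so a compromised application server has no call that returns stored records.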
Something like this wouldn't be a guarantee against being hacked but would be a good baseline for preventing common problems and minimising the outcomes of the seemingly inevitable hacks that we hear about all the time. Someone clever should write this. I'd use it.
I bet there's someone out there smart enough to put this together in a matter of hours.