I have a security related question about storing some client information - specifically their database login credentials.
My app works based on the client and so the database details need to be set at the start. My initial thought was to hold it all in a MYSQL database table but if that gets compromised, then all my clients are at risk.
I've also thought about creating a PHP array with all these details in, then when a new client is added through the GUI, write the details into that array using fopen etc.
Are there any better alternatives out there that I'm missing?
More details:
I have a MYSQL database on my host server (where the app runs from) then the app needs to connect to one of an number of external databases (my client's) but obviously the app needs to know all of their details.
I'm not sure that encryption is really possible, I can hash it and save it to a table but I can't reverse that so it'd have to be plain text, hence my worry about security - I'd never want to store plain text passwords in a database.