save sensitive information


save sensitive information

by euromark (munich)


i was wondering how to save sensitive information of users
like cc number or bank data?
my guess is they should not be saved as plain "chars" but encrypted in
such a way that if the db is ever going to be hacked the retrieved
data would be useless to anyone without the correct "key"

passwords usually are stored sha1-hashed as you don't intend to revert
that (and can't)
but with the above examples you need to

is there some kind of behaviour to automatically cipher and save or
decrypt and read record data?
i stumbled upon Security::cipher() for that matter

and how safe would that be?
could you re-build the original string from a given ciphered one with
a modern computer? or would it be pointless for "everyday hackers"?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@...
To unsubscribe from this group, send email to cake-php+unsubscribe@...
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---


Re: save sensitive information

by WyriHaximus


Did you take a look at this piece of code?
http://bakery.cakephp.org/articles/view/cryptable-behavior

On Nov 3, 10:30 am, "euromark (munich)" <dereurom...@...>
wrote:

> i was wondering how to save sensitive information of users
> like cc number or bank data?
> my guess is they should not be saved as plain "chars" but encrypted in
> such a way that if the db is ever going to be hacked the retrieved
> data would be useless to anyone without the correct "key"
>
> passwords usually are stored sha1-hashed as you don't intend to revert
> that (and can't)
> but with the above examples you need to
>
> is there some kind of behaviour to automatically cipher and save or
> decrypt and read record data?
> i stumbled upon Security::cipher() for that matter
>
> and how safe would that be?
> could you re-build the original string from a given ciphered one with
> a modern computer? or would it be pointless for "everyday hackers"?


Re: save sensitive information

by euromark (munich)


yeah
i found 2 behaviours later on by searching with other filters

but one question remains
how important would that be for a simple online shop?


On 3 Nov., 12:45, WyriHaximus <webmas...@...> wrote:

> Did you take a look at this piece of code?
> http://bakery.cakephp.org/articles/view/cryptable-behavior
>
> On Nov 3, 10:30 am, "euromark (munich)" <dereurom...@...>
> wrote:
>
> > i was wondering how to save sensitive information of users
> > like cc number or bank data?
> > my guess is they should not be saved as plain "chars" but encrypted in
> > such a way that if the db is ever going to be hacked the retrieved
> > data would be useless to anyone without the correct "key"
>
> > passwords usually are stored sha1-hashed as you don't intend to revert
> > that (and can't)
> > but with the above examples you need to
>
> > is there some kind of behaviour to automatically cipher and save or
> > decrypt and read record data?
> > i stumbled upon Security::cipher() for that matter
>
> > and how safe would that be?
> > could you re-build the original string from a given ciphered one with
> > a modern computer? or would it be pointless for "everyday hackers"?


Re: save sensitive information

by WyriHaximus


Personally I handle such information as I would like my own
information to be handled, and that's as secure as possible, even for a
small site/company etc. It's still personal information that in
the wrong hands can do way too much damage.

On Nov 3, 4:54 pm, "euromark (munich)" <dereurom...@...>
wrote:

> yeah
> i found 2 behaviours later on by searching with other filters
>
> but one question remains
> how important would that be for a simple online shop?
>
> On 3 Nov., 12:45, WyriHaximus <webmas...@...> wrote:
>
> > Did you take a look at this piece of code?
> > http://bakery.cakephp.org/articles/view/cryptable-behavior
>
> > On Nov 3, 10:30 am, "euromark (munich)" <dereurom...@...>
> > wrote:
>
> > > i was wondering how to save sensitive information of users
> > > like cc number or bank data?
> > > my guess is they should not be saved as plain "chars" but encrypted in
> > > such a way that if the db is ever going to be hacked the retrieved
> > > data would be useless to anyone without the correct "key"
>
> > > passwords usually are stored sha1-hashed as you don't intend to revert
> > > that (and can't)
> > > but with the above examples you need to
>
> > > is there some kind of behaviour to automatically cipher and save or
> > > decrypt and read record data?
> > > i stumbled upon Security::cipher() for that matter
>
> > > and how safe would that be?
> > > could you re-build the original string from a given ciphered one with
> > > a modern computer? or would it be pointless for "everyday hackers"?
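
What the first post asks for (cipher on save, decrypt on read, so that a stolen database is useless without the key), as an added example that is not from the thread, from CakePHP, or from the linked behavior. It uses PHP's OpenSSL extension with AES-256-GCM rather than Security::cipher(); the FieldCrypt class, the context strings and the sample value are assumptions made for illustration.

```php
<?php
// Added example; FieldCrypt and the context strings are hypothetical names.
final class FieldCrypt
{
    private const CIPHER = 'aes-256-gcm';
    private const NONCE_LEN = 12; // GCM nonce, fresh for every stored value
    private const TAG_LEN = 16;   // authentication tag
    private $key;
    public function __construct(string $key)
    {
        if (strlen($key) !== 32) {
            throw new InvalidArgumentException('key must be 32 raw bytes');
        }
        $this->key = $key;
    }
    // Before save: returns base64(nonce || tag || ciphertext) for a text column.
    // $context (for example table.column:id) ties the value to its row.
    public function encrypt(string $plain, string $context): string
    {
        $nonce = random_bytes(self::NONCE_LEN);
        $tag = '';
        $ct = openssl_encrypt($plain, self::CIPHER, $this->key, OPENSSL_RAW_DATA,
            $nonce, $tag, $context, self::TAG_LEN);
        if ($ct === false) {
            throw new RuntimeException('encryption failed');
        }
        return base64_encode($nonce . $tag . $ct);
    }
    // After find: fails on a wrong key, a wrong context, or modified data.
    public function decrypt(string $stored, string $context): string
    {
        $raw = base64_decode($stored, true);
        if ($raw === false || strlen($raw) < self::NONCE_LEN + self::TAG_LEN) {
            throw new RuntimeException('malformed value');
        }
        $nonce = substr($raw, 0, self::NONCE_LEN);
        $tag = substr($raw, self::NONCE_LEN, self::TAG_LEN);
        $ct = (string) substr($raw, self::NONCE_LEN + self::TAG_LEN);
        $plain = openssl_decrypt($ct, self::CIPHER, $this->key, OPENSSL_RAW_DATA,
            $nonce, $tag, $context);
        if ($plain === false) {
            throw new RuntimeException('decryption failed');
        }
        return $plain;
    }
}
// Constructed demo: the key is random here; a real one is loaded from outside the database.
$crypt = new FieldCrypt(random_bytes(32));
$stored = $crypt->encrypt('DE00 0000 0000 0000 0000 00', 'users.iban:42');
echo $crypt->decrypt($stored, 'users.iban:42'), PHP_EOL;
```

In a model behavior, encrypt() would run in the before-save callback and decrypt() in the after-find callback. The protection holds only while the key stays out of the database and its backups.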