Just out of curiosity, how would you go about encrypting the password that is needed to get into the mysql DB? Would you store it in another mysql table, ie a clear password in a file that is used to access a mysql DB that has the encrypted master PW in it?

On most secure systems, or systems that process Credit Card data, they use a hash to store the Credit Card data. This hash requires one to KNOW the passphrase or PIN to actually decode the data that is stored. Although this is extremely see more secure, how would you use such a security measure with Dolphin?

Just trying to look at the logic of the situation. Dolphin must allow Apache or the user to be able to look at the file in the clear. This is what the file permissions ability of Linux (or Windows) is all about. Otherwise someone would have to always enter in a pass or pin when they got to the site.... does this make sense?