In Chapter 10 -> Key Vault ->Between 1:30-:1:40, you are saying "The password is never sent to the application itself". I am not able to understand this bit. Once the application authenticates itself wouldn’t it be able to retrieve the database password( key) from the key vault? I have seen many examples on the internet where applications are able to retrieve the key in the unencrypted format after successful authentication.
You are correct. That is an incorrect statement in the lecture. I will correct that when I update it. Apologies for that.
Psst…this one if you’ve been moved to ACG!