I am going to work on a new project which is related to security. Currently, I am studying where to store user credential like password and token. What we have now is to store this sensitive information in MongoDB along with a user profile. Well, I am not sure if this is a good design or not. But, I would like to make a change by separating the credential and profile data to different storage like LDAP and MySQL or even MongoDB. The main difference is to store users' credential in LDAP and store profile data in either MySQL or MongoDB. Thinking of performance and security level an LDAP can provide, do you think the LDAP is still a relevant technology in such a case? Or, how do you use LDAP?
For further actions, you may consider blocking this person and/or reporting abuse