I have a built a web application that now has a requirement of storing user credentials for access to another system. (As much as I would like to not do this, unfortunately I have no choice in the matter.)

My web application interfaces with a Windows domain controller over LDAP to verify user accounts. So, when the user logs into my application, the application checks LDAP to make sure they are a valid user and their password is correct. Once authenticated, the users’ miscellaneous data is loaded from a MySQL database.

Now, I need to store a username and password for this other system in this database somehow, and I am exploring the most secure way to do it.

One method I have considered was encrypting the credentials for this other system using the users’ domain password (as verified by LDAP) as the encryption key. This way if someone did get the database somehow, it wouldn’t be of much use as each record would be encrypted with a different (hopefully anyway) key, and that key wouldn’t be present in the web application itself anywhere. The problem with this method is that when the user changes their password, the saved credentials for the other system are no longer valid. I would then have to prompt again for the other system credentials. I am not opposed to doing this, provided that there isn’t another method.

Any thoughts? Thank you for your time.

Edit: Something else I just thought of was encrypting based on some other data exposed for LDAP. One value that looks promising (and also probably insecure to anyone on the domain) is the objectGUID, which I assume is the GUID for the account. I might use this the encryption key. Is this easy to find by domain users or others?

Edit #2: I have found that any domain users can easily look up the GUID via LDAP, so I have decided that method is out. I may have to encrypt based on the user password, unless there are other recommendations.