Is it safe to store the data in a separate .db file?

I am creating a chat site where it will be possible to register. Therefore, it was necessary to use some kind of database. And I chose sqlite3, so it seemed to me the most convenient and simple. I also have a SQLiteStudio program for viewing .db files. Therefore, the data will be stored in a .db file.

For temporary hosting of my site I want to use repl.co domains on Repit (I know it won’t work soon, but we need to use free hosting while it can work). But I don’t have the money to pay for a private repl, so my repl with the site will be public.

But, as I said, user data will be stored in a separate file. This means that anyone can find my repl and see the user names, their emails and hashed passwords in the database file. Or is it not? Is it safe to store the data in a separate file?

I don’t think it’s safe because anyone could go to your repl and see the files.
Probably best not to do this…

I encountered this issue too!
However, the .db file will have lots of meaningless strings and symbols. A user can always put it through a converter, though.
I suggest Replit Auth, where you can’t impersonate the person, but store the user data (not the login info) in a SQLite3 db or Replit DB. I suggest the SQLite3 db because it’s harder to edit data.

1 Like

That’d be because you’re not using a program designed to read/write sqlite databases.

1 Like

I can’t use Replit Auth, because then only those who are registered in Replit will be able to use the site, and I don’t want that. I’ll probably add the input via Replit, but only as an additional way of logging in.

It turns out that using Replit for hosting is not suitable for me? If so, what should I use for hosting so that the database is secure?

Maybe use Google OAuth?

I meant using another hosting.