I'm implementing a third party application to an LMS. Users sign up for the LMS and my site separately. However, I'm integrating them so that a user can sign into the LMS, and after an initial log in be automatically logged in to the LMS every time that they log into the LMS. To make sure that the user in the LMS is authorized to get into my site, they have a consumer key and secret which I then check using oAuth. As part of the oAuth process (this is my first time using oAuth), both the user and I have to have a plaintext copy of the secret. I'll keep my copy in my database, which leads me to be concerned about security; if somebody got access to the database, they could just grab the key and secret. My question, then, is whether there are ways to make the secret more secure.