• 0

Latest/Greatest way to ecrypt with PHP

Asked by DrJohnSmitherson,

 Share

Question

10 answers to this question

Recommended Posts

  • 0
Veteran

DrJohnSmitherson

Posted
  • Author
Posted

More details would help I guess haha. It is an Admin username and password stored in a database. The admin has to enter the username and password when logging into the control panel. I want to save that password as securely as possible. I'm completely new to this and there are many options online, and I need some guidance.

Why are you encrypting passwords? Does it need to be reversible?

If you are storing the users login details try salting and hashing your passwords instead - SHA1

i will look into this! Thank you!

  • 0
Grand Master

threetonesun

Posted
Posted

Use crypt().


if (CRYPT_BLOWFISH == 1) {
   crypt($password, $salt);
}
[/CODE]

It's one way (as it should be), so you'll need to store the salt somewhere, preferably generating a random one for each user than saving it in the database with the user's record. Then when the user logs in with a username and password, you can lookup the user by username, then:

[CODE]
if ($stored_password === crypt($entered_password, $stored_salt))
{
user_login();
}

[/CODE]

Note that in the documentation for crypt() they show how to check for various encryption methods if blowfish isn't available.

  • DrJohnSmitherson and Seabizkit
  • Like 2
  • 0
Rising Star

tim_s

Posted
Posted

Hey all,

What's the best/safest way right now to encrypt a password to store into a MySQL database?

Depends on what you are encrypting!

My strategy for saving PII (Personal Identifiable Information) or PAN (Private Account Number) would be much different than just a Username / Password combination where the user cannot be identified.

This topic is now closed to further replies.
 Share
Go to question listing

  • Posts

  • Recent Achievements

    • Week One Done
      mnsgroup earned a badge
      Week One Done
    • Conversation Starter
      sumytbe earned a badge
      Conversation Starter
    • One Year In
      B4dM1k3 earned a badge
      One Year In
    • One Year In
      DarkWun earned a badge
      One Year In
    • Dedicated
      Almohandis earned a badge
      Dedicated

  • Popular Contributors

    1. 1
      +primortal
      523
    2. 2
      +Edouard
      198
    3. 3
      PsYcHoKiLLa
      92
    4. 4
      Michael Scrip
      82
    5. 5
      Steven P.
      69
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!