You can use mcrypt on the string prior to passing it to the database…you of course need to make sure it is installed on the server, more than likely it is…
//NOTE: 'saltnpeppa' can be changed to any string you wish
// salting your password will make it incredibly strong.
return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, PW_SALT, $the_text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, PW_SALT, base64_decode($the_text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
//obviously, pass your posted data into a variable
$password = $_POST;
//then encrypt it...
$enc_pwd = encrypt($password);
// execute the php to query the db and append the encrypted data....
//decrypt is simple enough...in your case this would be a db call of course...
Is there a specific reason you want to store the passwords in a form that can be decrypted back to plain text? This can be a security risk.
What would be best is to hash the password using one of the many cryptographic hashing algorithms, such as SHA-256, and store the resulting hash (plus random salt value per password) in the database. This way, if your database is compromised, no actual passwords would be vulnerable.
In addition, when a user enters their password, you again run it thru the hash function and compare the resulting hash with the one in the database (remember to add the salt).
I suggest downloading the PHP-BB forum software and look at their code, as last I checked they did this very thing.
Never store your password in the database in a form that can be decrypted as it is a security risk, no matter how hard you think it’ll be to decrypt.
Always go for 1 way encryption using SHA with a salt in the password string.
If a user forgets their password, they’ll just have to request a new one
what I would do is hash it using the md5() function then store it hashed. When a user inputs their login details you hash the password input they made again and compare it to the hashed stored password.
This isn’t unbreakable though.
If you want more secure then you should look into http://php.net/manual/en/function.hash.php which will give you more options :) – but that’s the basic idea anyway :)
Yes, hashing is the proper way to do this. While an encrypted password may seem safe, it isn’t. All a hacker would need to do is get a copy of the password fields and then run a brute force cracker on the data to figure out your encryption key.
Hashing is more secure in that no matter what the hacker does with the hashed data, he may have no way of knowing what process lead to the original password becoming the final hash value.
You could have salted it as such…
…or many other ways.
I know you want to prevent yourself from seeing them, but honestly, there is a big difference between you seeing them and acting upon seeing them. You have control of the database, so seeing a users password is the least thing to be concerned with. You should be trying to prevent people other than yourself from seeing those passwords, or ever getting their hands on them.
When it comes to encryption and hashes, follow these…
- Only encrypt individual things, and use different encryption methods for multiple things. Eg, do not encrypt each password with the same encryption method, because if one can be decrypted, they all can be decrypted.
- use hashes for comparing sensitive data, rather than using the raw data itself. Use multiple hashing algorithms if you want to be extra sure a comparison is current. Search for SHA, md5 and cryptographic hashing in general
You must be logged in to reply to this topic.