Friday, May 4, 2012

Better way save password in mysql which can be decrypted also using php


I am currently using md5 function to encrypt my password and save to mysql db which can not be decrypted.



Now my user want that when they forgot password, they should get same (old) password instead of new password.



So my question is that what should i use to encrypt my password and store in mysql Database. And i can decrypt that password also.



i am running on php and mysql.



Thanks



Avinash


Source: Tips4all

8 comments:

  1. Don't do that...

    First, use something better than md5. Then create a way to "reset" the password, but never a way to actually retreive the password from the db...

    That will make your app less secure, but maybe even worse; you and your users will have a problem if your data gets stolen! Someone is going to have a database with usernames and passwords of all your users!

    ReplyDelete
  2. Encrypting instead of hashing means that you have to store the decrypt key, which means reduced security for your app. Reset their password, and send them the new one.

    ReplyDelete
  3. Don't do that, it will compromise your security! The whole idea of one way encryption is that if your database is hacked you won't face the problem that all your users passwords will be known alongside with their email addresses!

    ReplyDelete
  4. how about crypt() or openssl?

    ReplyDelete
  5. It's not safe to do that you better can create a way to reset the password

    ReplyDelete
  6. If you're running an internal private site with no security issues, just store passwords with XOR 0xAD each byte. Otherwise, reset is the only option.

    ReplyDelete
  7. It is not possible to store the password in such a way that it is still recoverable without either

    1) storing the decryption key in your code/data (which rather defeats the purpose of hashing/encrypting the password)

    2) encrypting the password using public/private key encryption the routing the recovery through som sort of semi-manual process where the password can be recovered.

    The simplest solution is to require your users to provide/maintain a current email address and rely on the security of that to provide a new password on request.

    C.

    ReplyDelete
  8. create dynamic salts ( 2, one 'permanent' to mix with the password before hashing / crypting, other one dynamic, changing every time user logs in );

    $dynamicSalt = '';
    for ($i = 0; $i < 8; $i++)
    {
    $dynamicSalt .= chr(rand(33, 126));
    }

    never save passwords in any manner that can help you 'decode' them later, it's not up to you to retrieve original password but to let users reset it


    If you really need to save the original passwords, create a database account with WRITE permissions only and store it in some other database ( on another server ? ).

    ReplyDelete