Password Encryption in PHP - By PHP Expert


If you run a serious webpage where you save login information for your members to a database it is generally a very good idea to perform some kind of encryption on these password to prevent the information to be shared in case your datebase would be hacked.

Encryption is very easy to do with PHP in fact all you need to perform a “one way encryption” is the function crypt(). As an example say that we have the variables $user and $password and we want to encrypt the $password variable before we store it in the database. To do this we use the following function:


$crypted_pass = crypt(md5($password),md5($user));

What this does is that it generates an encrypted string from the md5 encoded $password with the $user string as security salt and voila we have an encrypted string ready to be saved to the database. This string can not be decrypted so if we want to use it to verify if someone typed in a correct password for a specific user we need to encode the input in the same way and compare it to the encrypted password.

$try_password = crypt(md5($password),md5($user));
  if($crypted_pass == $try_password)
   echo "success";
else
   echo "wrong password";

Now with the passwords encrypted we will buy enough time to be able to change everyones user info in case of the database being hacked and the information leaked.

No comments

Enter your email address:

Delivered by FeedBurner

OR

 Subscribe in a reader

 
 
 
Tips for optimizing php code by PHP Expert Important SERVER Variables in PHP - By PHP Expert Improved Error Messages in PHP 5 - By PHP Expert New Object Oriented Features - By PHP Expert New Object Oriented Features - By PHP Expert New Object Oriented Features - By PHP Expert New Object Oriented Features - By PHP Expert New Object Oriented Features - By PHP Expert New Object Oriented Features - By PHP Expert New Object Oriented Features - By PHP Expert Object Overloading in PHP 5 Persistable Classes - By PHP Expert Dynamic Getter/Setter Methods - By PHP Expert New Functions in PHP 5 New Directives - By PHP Expert Exception Handling - By PHP Expert Password Encryption in PHP - By PHP Expert Output Buffering in PHP - By PHP Expert Page Excerpts Using CURL - By PHP Expert Quick and Easy Google Site Search - By PHP Expert Always Be Notified When Google Crawls Your Site - By PHP Expert How to POST Form Data using CURL - By PHP Expert Cryptography for web developers - By PHP Expert Dynamically Loading JavaScript Files - by PHP Expert What is Web 2.0 - By PHP Expert