1

I am writing some simple login scripts. I am just wondering, is there any advantage of using the hashing and encryption functions in MySQL over PHP or the other way around?

I know using a stored procedure, I could possibly be transmitting sensitive information insecurely. On the other hand, it may be simpler to maintain.

Are there any benefits of using either?

MichaelH
  • 1
    I seriously recommend checking out Blowfish if you decide to go the PHP route. MD5 should not be your standard for encryption functions, at least if you're encrypting a password. I would start here... http://stackoverflow.com/questions/4983697/how-to-create-and-store-password-hashes-with-blowfish-in-php – thank_you Oct 01 '12 at 02:21
  • I was using SHA256 for my hashing. Why do you recommend blowfish? – MichaelH Oct 01 '12 at 02:36
  • if you're using encryption, then you've switched from "how do I keep my data secure" to "how do I keep my crypt keys secure?" and are back at square 1. – Marc B Oct 01 '12 at 03:51

3 Answers

4

The only issue I see with using MySQL for encrypting sensitive data is that if the web server running PHP is in a different location from your MySQL server, you may send sensitive unencrypted data over the network that connects these two parties.

Hernan Velasquez
  • That's not the *only* issue. If your MySQL traffic can be snooped you've got a lot of other problems. – tadman Oct 01 '12 at 02:43
0

I would definitely use PHP over MySQL to hash passwords. There are so many ways that a query could be stored and viewed, it could be bad if there are queries like this that end up getting stored somewhere:

SELECT id FROM users WHERE username = 'User123' AND password = MD5(CONCAT('SecretSalt','MyPassword'))

thewebguy
  • 1
    **DO NOT** use MD5 for passwords. Period. This can *literally* be cracked in a second or two. – tadman Oct 01 '12 at 02:42
  • 1
    @tadman Right. That wasn't the point though, it was that passing the password in plain text to MySQL just creates more holes. – thewebguy Oct 01 '12 at 02:46
  • Using something like `bcrypt`, even if the source code is accidentally leaked as well as the database, you're still no closer to cracking the hashing. MD5 is a joke in comparison. SHA1 with the salt known is weak. – tadman Oct 01 '12 at 03:39
  • @tadman Right, but again the point was that his question was specifically whether or not the hashing should be done by PHP or MySQL. My point was that passing plaintext passwords to MySQL so that it can be hashed there (instead of hashing before it goes to the DB) opens up more holes. – thewebguy Oct 01 '12 at 03:42
0

If you're storing passwords, use a hashing function designed to be difficult to crack. bcrypt is a reasonable choice and many answers here go into detail on how to implement it.

MySQL's hashing methods are not as secure as this and are intended for other purposes, such as hashing documents to check for duplication.

tadman
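Putting the two answers above together (hash in PHP with bcrypt, and never let the plaintext password appear in SQL text where a query log could capture it), here is an added example that is not from the original question or any of the answers. It assumes PHP 7+ (password_hash/password_verify), an existing PDO connection $pdo, and a hypothetical table users(id, username, password_hash).

```php
<?php
// Added example (not code from the question or answers). Assumes PHP 7+,
// a PDO connection $pdo, and a hypothetical table users(username, password_hash).

const BCRYPT_COST = 12; // raise over time as hardware gets faster

function registerUser(PDO $pdo, string $username, string $password): void
{
    // bcrypt generates its own random salt and stores salt + cost in the output,
    // so nothing like the 'SecretSalt' literal from the MD5 query is needed.
    $hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST]);

    // Bound parameters: the SQL text sent to MySQL contains only placeholders,
    // and the bound value is the hash, so neither the general/slow query log
    // nor a DBA watching the process list ever sees the plaintext password.
    $stmt = $pdo->prepare(
        'INSERT INTO users (username, password_hash) VALUES (:u, :h)'
    );
    $stmt->execute([':u' => $username, ':h' => $hash]);
}

function loginUser(PDO $pdo, string $username, string $password): bool
{
    // Fetch only the stored hash; the comparison runs in PHP, not in SQL,
    // so the candidate password is never part of a WHERE clause.
    $stmt = $pdo->prepare(
        'SELECT password_hash FROM users WHERE username = :u LIMIT 1'
    );
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return false; // same result for unknown user and wrong password
    }

    // If the stored hash was made with a lower cost, re-hash now that we
    // have the plaintext, so old hashes get upgraded at login time.
    if (password_needs_rehash($row['password_hash'], PASSWORD_BCRYPT, ['cost' => BCRYPT_COST])) {
        $upd = $pdo->prepare(
            'UPDATE users SET password_hash = :h WHERE username = :u'
        );
        $upd->execute([
            ':h' => password_hash($password, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST]),
            ':u' => $username,
        ]);
    }
    return true;
}
```

Even if the MySQL general log or the database dump leaks, an attacker gets only bcrypt hashes that must be attacked one slow guess at a time, which is the property tadman's answer is pointing at.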