3

I'm developing a web service where users must login. I will store user data in an SQL database and input/output via PHP. But I don't want to store it openly. How do I encrypt the passwords in PHP so only those who knows the password can unlock it?

I know services like phpBB uses some sort of hiding/encryption on stored passwords.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Espen
  • 3,607
  • 11
  • 48
  • 75

7 Answers7

5

You need to salt and hash the password, using an appropriately secure algorithm.

Community
  • 1
  • 1
El Yobo
  • 14,823
  • 5
  • 60
  • 78
3

The easiest way to get your password storage scheme secure is by using a standard library.

Because security tends to be a lot more complicated and with more invisible screw up possibilities than most programmers could tackle alone, using a standard library is almost always easiest and most secure (if not the only) available option.

See this answer for more info

Community
  • 1
  • 1
Jacco
  • 23,534
  • 17
  • 88
  • 105
  • Thanx! Your example seems like it's ready to use out of the box. Just what I need now. Will be fun to go deeper into it at a later time. – Espen Dec 02 '10 at 18:48
0

You probably want to hash the password - not encrypt it. Check out SHA-1. Hashing means that you cannot retrieve the original data as you can with encryption. Instead what you do is hash the users input and compare it to the hash in the database to see if they've got the right password. Doing this increases security as if your database was ever compromised - a bunch of hashes are useless.

m.edmondson
  • 30,382
  • 27
  • 123
  • 206
0

Save an MD5 hash and to make it more secure, add a salt.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
slayerIQ
  • 1,488
  • 2
  • 13
  • 25
0

Well, you shouldn't encrypt them with MD5 (which is not really secured, most hackers have conversion tables).

Hence, you can hash it with SHA1 (which is usually used).

If you want more security, you can add more salt which is a key you can add like this (just an example, usually used) :

salt+sha1(salt+pass)

This combination can be used with many language.

Shikiryu
  • 10,180
  • 8
  • 49
  • 75
  • sha1 is no more secure. sha256 or 512 however, is. – DampeS8N Dec 02 '10 at 12:42
  • @DampeS8N 7 actually that is incorrect. sha1 is a bit stronger, strong enough that no one has generated collision and is still a recommended hash function by NIST. Although sha256 should be used, of course. – rook Dec 02 '10 at 20:40
0

Hash passwords in SHA-1 (sha1 php inbuilt function) with several recursions of salting (same code in the answers above, only loop through several times). This should be sufficient protection, so even if the intruders somehow get their hands on the hashes, they shouldn't be able to crack them...

cyber-guard
  • 1,776
  • 14
  • 30
-1

There is the possibility to hash passwords (preferably with a salt):

$salt = random_string($length = 5);
$hash = $salt . sha1($salt . $password);

Or store encrypted (only if your MySQL connection is SSL secured):

INSERT INTO `user` (`user`,`pass`) VALUES("username",ENCRYPT("password","secretkey"))
Linus Kleen
  • 33,871
  • 11
  • 91
  • 99
  • 1
    SSL only concerns data whilst in transit so I don't quite understand your last comment – m.edmondson Dec 02 '10 at 12:22
  • 1
    using MySQL's encryption should be avoided for many reasons. The biggest being it is NOT one way. So it can be decoded if accessed. – DampeS8N Dec 02 '10 at 12:47
  • @m.edmondson: that's the point. sniffed traffic is not plain text. so the "secretkey" won't be visible. @DampeS8N: i know it's not one way. i was trying to point out another way of "securly" storing a password without plain-text. – Linus Kleen Dec 02 '10 at 12:57