How to Correctly Insert a Password into a SQL database

Question

Im attempting to build a database table that holds user information, including username and password but I don't know the correct way to insert a password so that it is encrypted or hashed, I have tried used PASSWORD('password123') and that encrypted the password but I was told that this is the wrong thing to use. I also tried using (HASHBYTES('hello123')) and that is what is show in the SQL code below. can anyone tell me what I should be using for my password?

the SQL code -

CREATE TABLE `users` (
  `username` varchar(20) DEFAULT NULL,
  `password` varchar(60) DEFAULT NULL,
  `fName` varchar(20) NOT NULL,
  `sName` varchar(20) NOT NULL,
  `sex` varchar(1) NOT NULL,
  `payment` varchar(255) NOT NULL,
  `billing_Address` varchar(500) DEFAULT NULL,
  `shipping_Address` varchar(500) DEFAULT NULL,
  `tel_No` varchar(30) DEFAULT NULL,
  `email` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;


INSERT INTO `users` (`username`, `password`, `fName`, `sName`, `sex`, `payment`, `billing_Address`, `shipping_Address`, `tel_No`, `email`) VALUES
('Sally123', (HASHBYTES('SallyPword')), 'Sally', 'Stevens', 'F', 'paypal', '123 skank road, Skanksville, SkankTown, SK67 3fu ', '23 skank road, Skanksville, SkankTown, SK67 3fu', '07653645282', 'sally1@gmail.com'),
('BarbraFlaps1', (HASHBYTES('Flapps123')), 'Barbra', 'Smith', 'M', 'Card', '23 skank road, Skanksville, SkankTown, SK67 3fu', '23 skank road, Skanksville, SkankTown, SK67 3fu', '073534615246', 'barbsflaps@gmail.com'),
('JJ5634', (HASHBYTES('hello123')), 'James', 'Justin', 'M', 'paypal', '23 skank road, Skanksville, SkankTown, SK67 3fu', '23 skank road, Skanksville, SkankTown, SK67 3fu', '0735574746545', 'JJ@gmail.com');

"`I was told that this is the wrong thing to use`" - by whom, and why? — Mawg says reinstate Monica, Mar 13 '21 at 13:30
Which programming language are you using to work with the MySQL database? — Progman, Mar 13 '21 at 13:32
@MawgsaysreinstateMonica someone from a discord coding group said that PASSWORD() was not intended for actual passwords and is outdated and soon to be removed and will not work with a HTML/PHP form for input — IHaveNoIdeaDotcom, Mar 13 '21 at 13:33
@Progman SQL? im using PHPmyadmin for creating and hosting the database, but its to be used in a PHP/HTML site — IHaveNoIdeaDotcom, Mar 13 '21 at 13:34
@Progman only slightly, understand that is how to insert from the PHP side I actually need to do this from the database side first, that's why I am inserting user information into the table now rather then from the form — IHaveNoIdeaDotcom, Mar 13 '21 at 13:37

How to Correctly Insert a Password into a SQL database

0 Answers0