1

I need to send the following up to my server to be stored via POST:

&username=xxxx&password=zzzzz

Should I encrypt this before sending? Or just send it via HTTPS (SSL) to my PHP page?

On the PHP page should I then do the encryption to save it to the MySQL server?

Need a little help here as to what is the best iPhone app -> PHP -> MySQL way to do this.

Ethan Allen
  • 14,425
  • 24
  • 101
  • 194
  • 2
    `HTTPS`/`SSL` should be fine. Possibly verify your certificate if you want to make sure. – Wrikken Jul 26 '11 at 22:18
  • You will get a better response rate if you accept more answers to previous questions, 15% is quite low... – MCannon Jul 26 '11 at 22:25

4 Answers4

1

Sending it over HTTPS should be fine for communicating between the iPhone app and PHP. You should hash the password, using a good password hashing algorithm, as soon as possible.

If you're not familiar with good password hashing practices, you might find this useful: How do you use bcrypt for hashing passwords in PHP?

Community
  • 1
  • 1
Chris Hepner
  • 1,552
  • 9
  • 16
0

You can encrypt password using md5() or make your own encryption/decryption function.

Here is the example

From client end

 $password = md5('password');

To check with database

 //security check
 $user = mysql_real_escape_string($_POST['username']);

 mysql_query("SELECT user_name, email FROM users WHERE username='".$user."' AND MD5(password)='".$password."'");
Maximus
  • 2,906
  • 4
  • 35
  • 55
  • 2
    Please! This is not secure. In your example, it does not make a difference whether I steal your password or its md5 hash. Use HTTPS and you'll be fine! – middus Jul 26 '11 at 22:25
  • Moreover, you forgot to escape `$password` (escaping is not a security check, btw). This solution won't do. – middus Jul 26 '11 at 22:35
0

HTTPS/SSL should be enough if you simply want to protect your data during transmission. Obviously you may also need to store encrypted values in your MySQL db. In this case you should also encrypt your credentials before doing your sql query.

Manlio
  • 10,768
  • 9
  • 50
  • 79
0

HTTPS should be sufficient to protect the data en-route, as others have said. On the server side, you should not store the password in any reversible form (unless for some reason you need the plaintext, such as to pass it to a third party). I would recommend using a salted cryptographic hash.

Essentially, what you do is this: when the user sets a password, you generate a new random string (the salt) and then store the password as the result of hash(salt + password). This hash should be a strong cryptographic function (nowadays I would recommend SHA-256 or similar). In this way, the user's plaintext password cannot be retrieved, even if your server is compromised.

When the user submits their password, you can simply compute hash(salt + password) again and check that the result matches what is stored in the database.

Jeremy Roman
  • 16,137
  • 1
  • 43
  • 44