Encryption
Moderator: General Moderators
Encryption
I currently just made a registration and login system. When the user registers it encrypts the password using .md5. The problem is that when I try to login you have to type in the encrypted password. How would I approach this problem?
Re: Encryption
(The correct term for MD5 is "hash", not "encrypt".)
You hashed the password when they registered, right? So why not hash whatever they give on the login form?
You hashed the password when they registered, right? So why not hash whatever they give on the login form?
-
amargharat
- Forum Commoner
- Posts: 82
- Joined: Wed Sep 16, 2009 2:43 am
- Location: Mumbai, India
- Contact:
Re: Encryption
You store password in a md5 format, thats ok
Now, when user enters his/her password then before matching it with your stored password, you have to md5 the user's entered password.
So user's password will also get md5 and you also stored password in md5
Suppose, your stored password is "admin" and when you md5 it then lets consider you'll get "x" as md5ed.
Then, when user entered password as "admin" and you will also get same md5ed value when you md5 user's entered password i.e. "admin"
So, that is the procedure you have to follow
Now, when user enters his/her password then before matching it with your stored password, you have to md5 the user's entered password.
So user's password will also get md5 and you also stored password in md5
Suppose, your stored password is "admin" and when you md5 it then lets consider you'll get "x" as md5ed.
Then, when user entered password as "admin" and you will also get same md5ed value when you md5 user's entered password i.e. "admin"
So, that is the procedure you have to follow