Storing password in encrypted form

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
nigma
DevNet Resident
Posts: 1094
Joined: Sat Jan 25, 2003 1:49 am

Storing password in encrypted form

Post by nigma »

In your guys's oppinions what is the best encryption function to use?
User avatar
greenhorn666
Forum Commoner
Posts: 87
Joined: Thu Aug 14, 2003 7:14 am
Location: Brussels, Belgium

Post by greenhorn666 »

crypt() @ http://www.php.net/crypt
is there another? lol!

mcrypt @ http://www.php.net/mcrypt
But is an extension...
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

greenhorn666 wrote:is there another? lol!
Yes. And No.

It's all about the imagination. sha1() and pack(), combined with crypt() (CRYPT_BLOWFISH)... Why use only one?

You can also use 3rd part modules for apache and/or standalone's using exec().
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

If you're OS supports it, mcrypt invoked in md5 mode seems to be one of hte best compromises for eas of use versus actual security. I think Windows is the only OS that doesn't let you do this....)
User avatar
greenhorn666
Forum Commoner
Posts: 87
Joined: Thu Aug 14, 2003 7:14 am
Location: Brussels, Belgium

Post by greenhorn666 »

JAM wrote:
greenhorn666 wrote:is there another? lol!
Yes. And No.
I was refering to glibc, but I guess I'm the only one finding this funny ;)
Post Reply