Page 1 of 1

Storing password in encrypted form

Posted: Mon Sep 15, 2003 11:01 pm
by nigma
In your guys's oppinions what is the best encryption function to use?

Posted: Tue Sep 16, 2003 3:05 am
by greenhorn666
crypt() @ http://www.php.net/crypt
is there another? lol!

mcrypt @ http://www.php.net/mcrypt
But is an extension...

Posted: Tue Sep 16, 2003 11:12 am
by JAM
greenhorn666 wrote:is there another? lol!
Yes. And No.

It's all about the imagination. sha1() and pack(), combined with crypt() (CRYPT_BLOWFISH)... Why use only one?

You can also use 3rd part modules for apache and/or standalone's using exec().

Posted: Tue Sep 16, 2003 12:26 pm
by nielsene
If you're OS supports it, mcrypt invoked in md5 mode seems to be one of hte best compromises for eas of use versus actual security. I think Windows is the only OS that doesn't let you do this....)

Posted: Tue Sep 16, 2003 3:28 pm
by greenhorn666
JAM wrote:
greenhorn666 wrote:is there another? lol!
Yes. And No.
I was refering to glibc, but I guess I'm the only one finding this funny ;)