md5()

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

AGISB
Forum Contributor
Posts: 422
Joined: Fri Jul 09, 2004 1:23 am

Post by AGISB »

Having unencrypted passwords in your database is basically not a problem.

The problem starts sending them over the net. I suggest having a second table that does the access checking that has the md5() hashed password. The normal usertable should have the unencrypted one as this enables you to do password lookup and other stuff. This table row should be only accessable by a different mysql username than the one you use for the website just to make sure.
Post Reply