Password encryption and decryption

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
pritam79
Forum Commoner
Posts: 65
Joined: Wed Mar 26, 2008 9:28 am

Password encryption and decryption

Post by pritam79 »

Hello everyone,
I have a password input field which gets stored in a mysql database (i am using php+mysql). Is there any way in php to encrypt the password before storing in the database and then decrypting it when the user wants to retrieve his password.
Reviresco
Forum Contributor
Posts: 172
Joined: Tue Feb 19, 2008 4:18 pm
Location: Milwaukee

Re: Password encryption and decryption

Post by Reviresco »

User avatar
Eran
DevNet Master
Posts: 3549
Joined: Fri Jan 18, 2008 12:36 am
Location: Israel, ME

Re: Password encryption and decryption

Post by Eran »

md5 is a one way hash - it can't be decrypted back (rainbow tables aside). One way hashing is the recommended form to save a password in a database, especially so they cannot be decrypted back in case the database is compromised. When using a hash you have to generate new password for users who lost theirs.

Alternatively use one of the encryption algorithms included in the mcrypt extensions - just be aware of the possible ramifications should your database be compromised. http://www.php.net/mcrypt
WebbieDave
Forum Contributor
Posts: 213
Joined: Sun Jul 15, 2007 7:07 am

Re: Password encryption and decryption

Post by WebbieDave »

Alternatively, you can use the MySQL built-in encryption/decryption functions such as AES_ENCRYPT.
http://dev.mysql.com/doc/refman/5.0/en/ ... tions.html
Post Reply