Page 1 of 1
can MS SQL store passwords encrypted like MySQL?
Posted: Mon Feb 03, 2003 11:19 am
by rathlon
Or should I use php to do the encryption? If I use php, will the password be stored as the encrypted value or as the plain text?
Posted: Mon Feb 03, 2003 4:14 pm
by bionicdonkey
you can encrypt the text in php before sending it to the db. e.g.
Code: Select all
<?php
$password = md5($password);
?>
Posted: Mon Feb 03, 2003 4:58 pm
by rathlon
right, but does this get stored in the database as plain text or the encrypted value? If its encrypted, will u have to use
$password = md5($password);
every time you want to compare it for a matched password?
Posted: Mon Feb 03, 2003 11:58 pm
by bionicdonkey
it's stored as encrypted. which is a good thing for security reasons
Posted: Tue Feb 04, 2003 2:01 am
by twigletmac
and yes, you'll have to md5() any value you want to compare against it.
Mac
Posted: Tue Feb 04, 2003 7:40 am
by superwormy
md5() is a hash function, its not encryption
and yes, you'll have to md5 what the user types in to compare it to the value in the database
if it was encrypted, you'd have to either decrypt the value in the database or encrypt the password they typed in to compare the two
Posted: Tue Feb 04, 2003 9:58 am
by rathlon
what exatly does the md5() function do as co pareed to the encrypting functions?
Posted: Tue Feb 04, 2003 10:45 am
by mydimension
here is the rfc for the md5 algorithm:
http://www.faqs.org/rfcs/rfc1321.html