REGISTRATION
Before registering a password to a database, encrypt it.
Code: Select all
bin2hex(mhash(MHASH_sha256,$pass));LOGGING IN
When logging in, you gotta make sure that the entered password gets encrypted into the same thing as it was in the database.
This is case-sensitive, seing as one tiny difference in a password can totally change the encryption.