[Tutorial] Securing MySQL Password from Hackers

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
Volestar
Forum Newbie
Posts: 1
Joined: Tue Apr 20, 2010 8:23 am

[Tutorial] Securing MySQL Password from Hackers

Post by Volestar »

Not much of a tutorial, just a how-to. You should know how to do the following steps already. If not, take a tutorial.

REGISTRATION
Before registering a password to a database, encrypt it.

Code: Select all

bin2hex(mhash(MHASH_sha256,$pass));
Once you've encrypted it, register that to the database.

LOGGING IN
When logging in, you gotta make sure that the entered password gets encrypted into the same thing as it was in the database.
This is case-sensitive, seing as one tiny difference in a password can totally change the encryption.
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: [Tutorial] Securing MySQL Password from Hackers

Post by Mordred »

howto, hownotto:
viewtopic.php?t=62782
Post Reply