Encrypting already existing database help
Posted: Fri Jul 15, 2011 11:41 am
Migrating from cleartext to encrypted passwords
I have a MySQL table that contains user data including passwords in cleartext, about 10,000 records, and my client has decided to move to encrypted passwords.
As I see it the steps to complete in this order are as follows:
1. Create new column in table to store encrypted passwords.
2. Create and run a script to read cleartext passwords, encrypt them, and insert values into new column.
3. Modify login and profile creation scripts to support encryption and use new column for values.
4. Delete original cleartext passwords.
5. Mandate password changes to users logging in.
Step two is what I most would like some advice on, but any thoughts are helpful. I foresee reading each value, encrypting it, and inserting the new value into the table with a loop.
Does anyone see any pitfalls or have any advice for this process? All comments are welcome.
Thanks!
I have a MySQL table that contains user data including passwords in cleartext, about 10,000 records, and my client has decided to move to encrypted passwords.
As I see it the steps to complete in this order are as follows:
1. Create new column in table to store encrypted passwords.
2. Create and run a script to read cleartext passwords, encrypt them, and insert values into new column.
3. Modify login and profile creation scripts to support encryption and use new column for values.
4. Delete original cleartext passwords.
5. Mandate password changes to users logging in.
Step two is what I most would like some advice on, but any thoughts are helpful. I foresee reading each value, encrypting it, and inserting the new value into the table with a loop.
Does anyone see any pitfalls or have any advice for this process? All comments are welcome.
Thanks!