MD5'ing Passwords
I'm storing the user's passwords in a MySQL database.
Is it really all that secure and/or necessary to MD5 the passwords? Or is it perfectly safe to leave them in plain text?
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
I think the security of hashed passwords comes from interaction between the script and the data source. If someone actually gets into your database, there is nothing to stop them from running a simple

Code:
UPDATE `users` SET `password` = 1

and changing everyone's password to 1 (or some other arbitrary value). I think the hashing has more practical security application in the passing of data between the script and the database. If someone did change passwords in the database, but the code is still checking an MD5 (or some other hashed value), then passing a 1 through the script will fail, unless the hacker enters this

Code:
UPDATE `users` SET `password` = MD5('1')

but even this will cause a failure if your hashing mechanism is not a common hash application like MD5 or SHA1.

Just my opinion.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
At that point you'll notice something has gone wrong and your server has been hijacked.. however.. if you have the passwords plaintext the thief will remain undetected. Even still, what if someone walking by your computer happens to glance over at your screen with phpmyadmin open and quickly jots down the user/pass..?

Jcart wrote:
At that point you'll notice something has gone wrong and your server has been hijacked.. however.. if you have the passwords plaintext the thief will remain undetected. Even still, what if someone walking by your computer happens to glance over at your screen with phpmyadmin open and quickly jots down the user/pass..?

Unlikely... seeing as everything is done remotely and no passwords are saved on my browser..... and I have an over 30 character password.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
Not to sound harsh, but what is your beef with not using md5? Perhaps you may never have a problem, but perhaps you may.. and at that point you can hit your head on the desk asking yourself why you didn't encrypt the passwords when you found out that several users' accounts have been hijacked (including your own)
- daedalus__
- DevNet Resident
- Posts: 1925
- Joined: Thu Feb 09, 2006 4:52 pm
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
You need to update the database as well as the code base. The database needs to be updated for all users so that their current password becomes MD5('password'), so that when the code checks if (md5($_POST['password']) == $row['password']) it evaluates properly. Otherwise none of your users are going to get in.
PS Yes, you should hash your passwords. It adds a small amount of security to your data and your code, which always makes users feel more comfortable about using your site.
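A worked model of the flow discussed in RobertGonzalez's two posts above, added here as an example and not code from the thread: the one-off migration that turns every stored plaintext value into MD5(password), the md5($_POST['password']) == $row['password'] check, and what an UPDATE run by someone with write access does to that check. It is Python rather than PHP so it can be run as-is: an in-memory SQLite table stands in for the MySQL `users` table, with an MD5() function registered so the UPDATE statements read like the MySQL ones. The usernames, passwords and wordlist are constructed. The last helper adds the caveat the thread only hints at with "a small amount of security": with read access alone, unsalted MD5 is reversed by a lookup table built once and applied to every row.

```python
# Added example: models the PHP/MySQL flow from the thread in Python.
# An in-memory SQLite table stands in for the MySQL `users` table, and
# MD5() is registered as a SQL function so the statements read like MySQL's.
# All rows, passwords and the wordlist below are constructed sample data.
import hashlib
import hmac
import sqlite3


def md5_hex(text):
    """Hex digest of MD5, i.e. what PHP's md5() and MySQL's MD5() return."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def open_db():
    """Create the table with passwords stored in plaintext, as the original poster has them."""
    conn = sqlite3.connect(":memory:")
    conn.create_function("MD5", 1, md5_hex)  # mirror MySQL's MD5() for the UPDATE statements
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "letmein"), ("bob", "correct horse battery")],  # constructed sample rows
    )
    conn.commit()
    return conn


def migrate_to_md5(conn):
    """The one-off migration from the last post: every stored value becomes MD5(password)."""
    conn.execute("UPDATE users SET password = MD5(password)")
    conn.commit()


def login_md5(conn, username, password):
    """Equivalent of the PHP check: if (md5($_POST['password']) == $row['password'])."""
    row = conn.execute(
        "SELECT password FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        return False
    # constant-time comparison instead of ==, so timing does not leak how many hex chars matched
    return hmac.compare_digest(md5_hex(password), row[0])


def attacker_with_write_access(conn):
    """What someone inside the database can do regardless of hashing, as Robert's first post says."""
    conn.execute("UPDATE users SET password = MD5('1')")
    conn.commit()


def crack_unsalted_md5(stored_hash, wordlist):
    """The caveat: unsalted MD5 falls to one lookup table built once and reused for every row."""
    table = {md5_hex(word): word for word in wordlist}
    return table.get(stored_hash)  # the recovered password, or None if not in the wordlist


def demo():
    """Run the whole story and return the observations so they can be checked."""
    conn = open_db()
    migrate_to_md5(conn)
    results = {
        "alice_correct": login_md5(conn, "alice", "letmein"),
        "alice_wrong": login_md5(conn, "alice", "wrong"),
        "unknown_user": login_md5(conn, "mallory", "letmein"),
    }
    # Read access alone is enough to recover a weak password from an unsalted hash.
    stored = conn.execute(
        "SELECT password FROM users WHERE username = 'alice'"
    ).fetchone()[0]
    results["alice_cracked_as"] = crack_unsalted_md5(stored, ["password", "letmein", "123456"])
    # Write access makes hashing irrelevant to the attacker's login; the owner's login breaks.
    attacker_with_write_access(conn)
    results["alice_after_reset_old"] = login_md5(conn, "alice", "letmein")
    results["alice_after_reset_one"] = login_md5(conn, "alice", "1")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running it shows the three points of the thread side by side: after the migration the normal login still works, a hash built with the same public function lets the attacker who ran the UPDATE log in as anyone with "1" while the real owners are locked out (which is the "you'll notice something has gone wrong" signal), and a plain wordlist lookup gives back alice's password from the stored MD5 without touching the login form at all.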