1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

how to store encrypted password and retrieve decrypt Paasword in php and MySQL

Discussion in 'PHP' started by raj_as, Mar 7, 2013.

  1. #1
    hi.., i'am try to store and retrieve encrypted password from the database...
    i search internet to this topic .. many people advise to use MD5 function..
    MD5 function used to store my password in database at same i can't retrieve it..
    please suggest to Any Other way can store encrypted password and retrieve decrypt Password from database..
    Thank You Guys...:rolleyes:
    Solved! View solution.
    raj_as, Mar 7, 2013 IP
  2. jestep

    jestep Notable Member Premium Member

    Messages:
    3,486
    Likes Received:
    199
    Best Answers:
    16
    Trophy Points:
    280
    #2
    Why do you need to retrieve a plaintext password?

    Best practice is to re-hash a password if it needs to be reset. This way the plaintext can never be recovered. As far as passwords are concerned, there's very little reason that you would ever need to recover one.

    If you absolutely have to do it, I would store a password encrypted using AES 256 and a unique and random initialization vector and decryption key for every user. Implementing a secure system that is functional is difficult and beyond the scope of most information you will find because key management and application design is a huge role in whether the system is actually secure.
    jestep, Mar 7, 2013 IP
  3. Garkoni

    Garkoni Active Member

    Messages:
    213
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    60
    #3
    I believe your system doesn't need that complexity of AES 256 (I hope you are not developing a banking software or new Facebook).

    The logic of storing passwords may be as follows:
    1) During registration, a user provides a password - do sha1() to get hash for the password and store it in the DB
    2) When a user is logging in, he enters his password. All you need - do sha1('enteredPassword') and then compare - if it matches the one that stored in DB - the password is correct.

    MD5 is not recommended nowadays, just use sha1().
    Garkoni, Mar 7, 2013 IP
  4. #4
    MD5 is outdated garbage, so ditch that for something a bit more modern like SHA256 as MD5 is cracked AND easily rainbow tabled. I've been using SHA512 and/or whirlpool myself just because they are that much more secure and the alleged 'speed' penalty isn't high enough to matter for anything I'd use it for.

    As to RETRIEVING a hashed password, hashes are monodirectional (in theory) meaning it's encrypt only, and your database practices should reflect this too. 'retrieving' a hash from the database is sloppy practice, and any queries you do against the password should be checking for a match SQL-side. Someone needs a password 'recovered' -- DON'T. As JeStep suggested send them a new one.

    ... and as Garkoni implies, check it SQL side:

    PDO style something like:

    Code (Text):
    1. function checkLogin($db) {
    2.     if (isset($_POST['fromForm']) && ($_POST['fromForm'] == 'login')) {
    3.         $statement=$db->prepare('
    4.             SELECT id FROM users
    5.             WHERE name = :username
    6.             AND password = :password
    7.         ');
    8.         if ($statement->execute(array(
    9.             ':userName' => $_POST['userName'],
    10.             ':password' => hash('sha256',$_POST['password']);
    11.         ))) {
    12.             return $statement->fetchColumn();
    13.         }
    14.     }
    15.     return false;
    16. }
    Kinda rough around the edges, but shows what I mean. NEVER return 'password' as a value from the database, only SEND it so that SQL can do the compare. A user forgets their password instead of trying to 'recover' it opening all sorts of security holes, send them a link with a unique hash via the e-mail they registered with to a 'reset' page instead.
    deathshadow, Mar 7, 2013 IP
  5. jestep

    jestep Notable Member Premium Member

    Messages:
    3,486
    Likes Received:
    199
    Best Answers:
    16
    Trophy Points:
    280
    #5
    I err on the side of caution. :D
    jestep, Mar 7, 2013 IP
  6. deathshadow

    deathshadow Prominent Member

    Messages:
    5,980
    Likes Received:
    826
    Best Answers:
    144
    Trophy Points:
    395
    #6
    Just beware AES256 is not as secure as a hash functions - because it is a cypher, NOT a hash! Cyphers are designed to be bi-directional; which is to say you can encode and decode with it. Hashes are designed to be mono-directional -- once encoded you aren't supposed to be able to decode it. (in theory... in practice, well...rainbow tables will kick your arse).

    If you want a secure hash loosely based on AES take a good look at whirlpool... though sha256 or even better sha512 are also good candidates. Security-wise AES256 is barely on par with MD5 in todays server environment... and that's not a good thing.
    deathshadow, Mar 7, 2013 IP
  7. jestep

    jestep Notable Member Premium Member

    Messages:
    3,486
    Likes Received:
    199
    Best Answers:
    16
    Trophy Points:
    280
    #7
    Absolutely. I typically use SHA256 with a random salt per user for passwords.
    jestep, Mar 8, 2013 IP
  8. VideoWhisper.com

    VideoWhisper.com Active Member Premium Member

    Messages:
    302
    Likes Received:
    3
    Best Answers:
    2
    Trophy Points:
    88
    #8
    It's not a good practice to store passwords in a form that can be decrypted.
    A member may use same password for multiple sites. Anybody that gets access to database can get the confidential passwords.

    Just generate a hash like md5 or something more secure and store that. On login you just need to generate hash from user's input and compare with existing hash to see if password is the same.
    Retrieving password is not possible - only resetting it is possible as most sites provide.
    VideoWhisper.com, Mar 11, 2013 IP