how to store encrypted password and retrieve decrypt Paasword in php and MySQL

hi.., i'am try to store and retrieve encrypted password from the database...
i search internet to this topic .. many people advise to use MD5 function..
MD5 function used to store my password in database at same i can't retrieve it..
please suggest to Any Other way can store encrypted password and retrieve decrypt Password from database..
Thank You Guys...

 

Why do you need to retrieve a plaintext password?

Best practice is to re-hash a password if it needs to be reset. This way the plaintext can never be recovered. As far as passwords are concerned, there's very little reason that you would ever need to recover one.

If you absolutely have to do it, I would store a password encrypted using AES 256 and a unique and random initialization vector and decryption key for every user. Implementing a secure system that is functional is difficult and beyond the scope of most information you will find because key management and application design is a huge role in whether the system is actually secure.

 

I believe your system doesn't need that complexity of AES 256 (I hope you are not developing a banking software or new Facebook).

The logic of storing passwords may be as follows:
1) During registration, a user provides a password - do sha1() to get hash for the password and store it in the DB
2) When a user is logging in, he enters his password. All you need - do sha1('enteredPassword') and then compare - if it matches the one that stored in DB - the password is correct.

MD5 is not recommended nowadays, just use sha1().

 

MD5 is outdated garbage, so ditch that for something a bit more modern like SHA256 as MD5 is cracked AND easily rainbow tabled. I've been using SHA512 and/or whirlpool myself just because they are that much more secure and the alleged 'speed' penalty isn't high enough to matter for anything I'd use it for.

As to RETRIEVING a hashed password, hashes are monodirectional (in theory) meaning it's encrypt only, and your database practices should reflect this too. 'retrieving' a hash from the database is sloppy practice, and any queries you do against the password should be checking for a match SQL-side. Someone needs a password 'recovered' -- DON'T. As JeStep suggested send them a new one.

... and as Garkoni implies, check it SQL side:

PDO style something like:

function checkLogin($db) {
	if (isset($_POST['fromForm']) && ($_POST['fromForm'] == 'login')) {
		$statement=$db->prepare('
			SELECT id FROM users
			WHERE name = :username
			AND password = :password
		');
		if ($statement->execute(array(
			':userName' => $_POST['userName'],
			':password' => hash('sha256',$_POST['password']);
		))) {
			return $statement->fetchColumn();
		}
	}
	return false;
}

Code (markup):

Kinda rough around the edges, but shows what I mean. NEVER return 'password' as a value from the database, only SEND it so that SQL can do the compare. A user forgets their password instead of trying to 'recover' it opening all sorts of security holes, send them a link with a unique hash via the e-mail they registered with to a 'reset' page instead.

 

I err on the side of caution.

 

Just beware AES256 is not as secure as a hash functions - because it is a cypher, NOT a hash! Cyphers are designed to be bi-directional; which is to say you can encode and decode with it. Hashes are designed to be mono-directional -- once encoded you aren't supposed to be able to decode it. (in theory... in practice, well...rainbow tables will kick your arse).

If you want a secure hash loosely based on AES take a good look at whirlpool... though sha256 or even better sha512 are also good candidates. Security-wise AES256 is barely on par with MD5 in todays server environment... and that's not a good thing.

 

Absolutely. I typically use SHA256 with a random salt per user for passwords.

 

It's not a good practice to store passwords in a form that can be decrypted.
A member may use same password for multiple sites. Anybody that gets access to database can get the confidential passwords.

Just generate a hash like md5 or something more secure and store that. On login you just need to generate hash from user's input and compare with existing hash to see if password is the same.
Retrieving password is not possible - only resetting it is possible as most sites provide.