Why Is Sending A Password In Plain Text A Bad Idea?

Discussion in 'PHP' started by eritrea1, Feb 4, 2013.

  1. #1
I just came to find out that storing a password in plain text is a bad idea IF that password is only used for re-sending it?

Let me put it this way: people register on your site, and you can keep one hashed password, let's say by md5() or sha1() or bcrypt, which will only be used to authenticate and log in the user. The other one can be stored in the form of plain text; now, this plain text will only be used to resend, it will not be used to log in or provide access to anything, but it seems a bad idea, as I have been told. Is there any reason for this?
     
    eritrea1, Feb 4, 2013 IP
  2. Syndication
    #2
    You should always encrypt/hash your passwords for storage, I'd recommend MD5 as it's super easy to use and provides a strong security barrier if your database or code was ever exposed. I don't see the need to "resend" a user's password, unless of course you're programming a Forgot Password option - however in that case, I write it so I store a random token (32 char string) in the DB for a forgot password request, email user with that token, and allow them to simply overwrite their existing password.
     
    Syndication, Feb 4, 2013 IP
  3. yenerich
    #3
Because someone else can read it and hack the user's profile, etc.
The best way to resend passwords is to just create a random one, send it by email and let the user change it as soon as he logs in again.
     
    yenerich, Feb 4, 2013 IP
  4. Blaxus
    #4
Technically speaking, if your website is completely secure, doesn't have any bugs and no one knows the combination to either of your FTP, MySQL or Cpanel accounts, then... you could store them in plaintext without problems. Encrypting passwords is really just a preventive measure. But you do it with good reason.

Computers don't care if someone is authorized or not. They only care about the correct combination. And someone may at some point find it. And when they do, your passwords in plaintext are actually the least of your worries.

But you would be smart to encrypt them for your users' sake. They may re-use them somewhere else. Or perhaps the hackers will still abuse accounts after systems have been reset. Using MD5 works. But that does not mean that the encryption is going to help much.

    I think this answers any question you may have related to MD5.

    But to answer your question from a security point of view. Yes. Bad idea.
    Encrypt your passwords, use Blowfish Encryption! In PHP you can use Bcrypt for this.

    Using Bcrypt however is a little complicated, so it's generally recommended to use a library.
    1. password-compat - Packagist - A compatibility library with the new 5.5 password_hash API.
    2. PasswordLib - Packagist - A library for working with passwords from multiple systems.
    3. PHPASS - A library for handling password hashing. NOTE: This is only recommended with "portable hashing" disabled.
     
    Last edited: Feb 4, 2013
    Blaxus, Feb 4, 2013 IP
  5. Alex Roxon
    #5
    While the above post is very useful, the opening paragraph is not technically true :D Let's say you operate a large company that houses 20 million user accounts and passwords in plaintext. You're essentially entrusting the reputation of your entire company with any of your database administrators (or equivalent if you house it differently). Would you really trust a potentially disgruntled employee to ruin your business? :)
     
    Alex Roxon, Feb 4, 2013 IP
  6. Blaxus
    #6
    Ah you are correct. That is my bad. I have no experience with Companies or Database Administrators. So I suppose I hadn't considered this situation. I crossed it out so people can still read it for reference, but it doesn't really apply as you mentioned.
     
    Last edited: Feb 4, 2013
    Blaxus, Feb 4, 2013 IP
  7. samyak
    #7
There is no need to "resend" the password to remind users of their password. You can send them a unique link where they can "reset" their password.
     
    samyak, Feb 5, 2013 IP
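The "random token, email it, let the user overwrite the password" reset flow described in posts #2 and #7, as an added example that is not code from anyone in this thread. It uses in-memory arrays in place of database tables, returns the reset link instead of emailing it, and the one-hour expiry and the https://example.com/reset URL are assumptions.

```php
<?php
// Added example: token-based password reset. In-memory arrays stand in for DB tables.

const TOKEN_TTL = 3600; // assumed policy: reset links expire after one hour

$users  = ['alice@example.com' => ['hash' => password_hash('old-secret', PASSWORD_BCRYPT)]];
$resets = []; // sha256(token) => ['email' => ..., 'expires' => unix time]

// Step 1: the user asks for a reset. Only a hash of the token is stored, so a leaked
// resets table does not hand out live reset links; the raw token goes to the user only.
function createResetLink(string $email, array &$users, array &$resets): ?string
{
    if (!isset($users[$email])) {
        return null; // the HTTP response should look the same either way (no account enumeration)
    }
    $token = bin2hex(random_bytes(16)); // 32 hex chars from the CSPRNG, like the post's 32-char string
    $resets[hash('sha256', $token)] = ['email' => $email, 'expires' => time() + TOKEN_TTL];
    return 'https://example.com/reset?token=' . $token; // assumed URL; would be emailed
}

// Step 2: the user follows the link and supplies a new password. The token is single-use
// and time-limited, and the stored password is simply overwritten with a fresh bcrypt hash.
function completeReset(string $token, string $newPassword, array &$users, array &$resets): bool
{
    $key = hash('sha256', $token);
    if (!isset($resets[$key]) || $resets[$key]['expires'] < time()) {
        unset($resets[$key]); // drop expired entries
        return false;
    }
    $email = $resets[$key]['email'];
    unset($resets[$key]); // consume the token so the link cannot be replayed
    $users[$email]['hash'] = password_hash($newPassword, PASSWORD_BCRYPT);
    return true;
}

// Walk through the flow with a constructed account.
$link  = createResetLink('alice@example.com', $users, $resets);
$token = substr($link, strrpos($link, '=') + 1);

$first  = completeReset($token, 'new-secret', $users, $resets); // succeeds
$second = completeReset($token, 'again', $users, $resets);      // fails: token already consumed
$login  = password_verify('new-secret', $users['alice@example.com']['hash']);

echo "first reset ok: ", var_export($first, true), "\n";
echo "replayed reset ok: ", var_export($second, true), "\n";
echo "login with new password: ", var_export($login, true), "\n";
```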
  8. scottlpool2003
    #8
I think also, it's about keeping up with modern standards, not only this but data protection! Especially when the likes of these hacking groups would take down years of your hard work just for fun.
     
    scottlpool2003, Feb 6, 2013 IP
  9. Rinoy
    #9
It's a very bad idea, since nothing is safe online, even if it's encrypted data. So it's better to encrypt the data to confuse the hacker.
     
    Rinoy, Feb 7, 2013 IP
  10. Soulstone
    #10
    Just to clarify:
    Using MD5 as your hashing-algorithm is a bad choice, since MD5 is no longer considered secure. You should use SHA-256 or better.
     
    Soulstone, Feb 7, 2013 IP
  11. Riboflavin
    #11
If you are storing plain text passwords there is no reason to keep a hashed password since you already threw all security out the window by storing a plain text password. Use bcrypt and keep things safe. To answer your original question, it is because in the event that your database is compromised (which happens a lot more often than you might think) a list of bcrypt passwords and user names/emails is pretty useless but a list of plain text passwords tied to email addresses and usernames is a very bad thing.
     
    Riboflavin, Feb 7, 2013 IP
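An added example (not code from anyone in this thread) showing the point made in posts #4, #10 and #11: why unsalted MD5 is a poor password store and what bcrypt through PHP's native password_hash() API does instead (PHP 5.5+; the password-compat library post #4 lists provides the same functions on older versions). The sample passwords and cost values are constructed for the demo.

```php
<?php
// Added example: MD5 versus bcrypt for stored passwords, plus a login path that
// upgrades old hashes. Sample password and cost values are constructed.

$password = 'correct horse';

// Unsalted MD5: identical input always gives the identical 32-hex-char digest, so a
// leaked table can be matched against precomputed tables and every user who shares
// a password is exposed at once. MD5 is also very fast, which only helps guessing.
$md5SameEveryTime = md5($password) === md5($password);

// bcrypt via password_hash(): a random salt is generated per call and embedded in the
// output, so two hashes of the same password differ, and the cost parameter makes
// each guess deliberately slow (2^cost rounds).
$hash1 = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
$hash2 = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
$bcryptDiffers = $hash1 !== $hash2;

// Never compare hashes yourself: password_verify() reads the salt and cost back out
// of the stored string and recomputes in constant time.
$rightPassword = password_verify($password, $hash1);
$wrongPassword = password_verify('wrong guess', $hash1);

// Login path that also re-hashes when the stored hash no longer meets the cost
// policy, so old accounts are upgraded transparently at their next login.
function login(string $storedHash, string $candidate, int $cost = 12): array
{
    if (!password_verify($candidate, $storedHash)) {
        return ['ok' => false, 'hash' => $storedHash];
    }
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, ['cost' => $cost])) {
        $storedHash = password_hash($candidate, PASSWORD_BCRYPT, ['cost' => $cost]);
    }
    return ['ok' => true, 'hash' => $storedHash]; // caller persists the new hash if it changed
}

// A hash made under an older, cheaper policy gets upgraded on successful login.
$legacy  = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
$result  = login($legacy, $password, 12);
$newCost = password_get_info($result['hash'])['options']['cost'];

echo "md5 identical for same input: ", var_export($md5SameEveryTime, true), "\n";
echo "bcrypt hashes differ (salted): ", var_export($bcryptDiffers, true), "\n";
echo "verify right / wrong password: ", var_export($rightPassword, true), " / ", var_export($wrongPassword, true), "\n";
echo "legacy login ok, upgraded cost: ", var_export($result['ok'], true), " / ", $newCost, "\n";
```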