|
|
Posted by ZeldorBlat on 11/11/07 17:31
On Nov 11, 12:12 pm, MS <No.Way.J...@No.Spam.Thank.You.com> wrote:
> Hi,
>
> I'm writing a PHP login script for a web site. I've looked at several
> examples on the web and some of them use MD5 hashes for the password. They
> do this in various ways.
>
> EG.
>
> a) Storing a MD5 hash of the original password in the database (in the
> password field), and then comparing the MD5 hash of the user entered
> password against that storied in the database.
>
> b) Storing the password in the database, then comparing the MD5 hash of
> that against a MD5 hash of the user entered password.
>
> Mine currently uses no MD5 hashes at all. Here is a snippet:
>
> Note: The 'username' field in the 'member' table of the db is unique so
> the use of a valid username and password should return exactly one row.
>
> $sql = "SELECT * FROM member WHERE username =
> '$user' AND password = '$pass'";
>
> $result = mysql_query($sql) or MyDie("Error: ".mysql_error());
>
> // Determine how many records are in the results
> $numRowsReturned = mysql_num_rows($result);
>
> So if $numRowsReturned == 1 the user gains entry, otherwise not.
>
> I'm new to this so am wondering if there is some sensible security reason
> that MD5 hashes are being used, otherwise I completely fail to see why
> anyone is using them at all.
>
> Can someone explain this to me please and let me know why -if at all- I
> should be using MD5? If I should does it make any difference whether I use
> MySQL's MD5 function on PHP's MD5 function, just in case there is a
> security issue with that as well.
>
> Many thanks and regards, etc..
The idea of hashing the passwords is to avoid storing or transmitting
the actual password.
If you store the hash of the password in the database, someone with
access to the database won't be able to see the password. If you hash
the password on the client side (e.g. with Javascript) before
transmitting it, anyone who intercepts the transmission won't be able
to see the password.
While it does enhance security, it isn't fool-proof. For instance, if
you hash the password client-side before transmitting it, anyone who
intercepts the transmission can simply transmit the hash instead. You
could also argue that anyone with direct access to the database could
bypass the security implemented in the application.
If you're really concerned about security, I would store the passwords
as a hash, transmit the actual password when logging in, and use SSL
so the whole thing is encrypted.
As for using PHP's function or MySQL's function it makes no
difference. They both implement the same hash algorithm so you will
get the same answer from both for some given input. These algorithms
wouldn't be of much use if everyone did them differently.
Navigation:
[Reply to this message]
|