Posted by Jonathan on 01/31/06 11:15

gene.ellis@gmail.com wrote:
> I am using PHP to allow users to create profiles on our website and
> store them in a MS SQL database and I am wondering, how can I encrypt
> the passwords? Also, how would I be able to match the right password
> when it is time to retrieve the password from the database? Thank you
> very much for your help!
>

I would use a encryption routine that can not be decrypted, like MD5,
and store the encrypted version in the database.

Encrypt the password entered when (s)he logs in using the same routine
and compare the encrypted version entered by the user with the one in
the database. This way it is virtually impossible to recover the
passwords from the database by whomever.

Jonathan

• Next in forum: freelancing...
• Prev in forum: Re: Undefined variable error message, how can i define it?
• Thread view: Re: How to store and retrieve encrypted password?

[Reply to this message]