|
Posted by gene.ellis on 02/01/06 00:57
Thanks everyone for the responses!
Jonathan wrote:
> gene.ellis@gmail.com wrote:
> > I am using PHP to allow users to create profiles on our website and
> > store them in a MS SQL database and I am wondering, how can I encrypt
> > the passwords? Also, how would I be able to match the right password
> > when it is time to retrieve the password from the database? Thank you
> > very much for your help!
> >
>
> I would use a encryption routine that can not be decrypted, like MD5,
> and store the encrypted version in the database.
>
> Encrypt the password entered when (s)he logs in using the same routine
> and compare the encrypted version entered by the user with the one in
> the database. This way it is virtually impossible to recover the
> passwords from the database by whomever.
>
> Jonathan
Navigation:
[Reply to this message]
|