Re: Secure password storage

Posted by Mark on 07/03/06 19:08

Alvaro G. Vicario wrote:
> I'm writing a web application that needs to keep passwords in a database.
> These passwords are for third-party services and are different from the
> regular login passwords.
>
> I don't like storing this sensitive info as plain text and one-way hashing
> is not an option because I need the actual passwords. I've done some quick
> research and it seems that symmetric encryption algorithms (blowfish, AES...)
> provide a reasonable solution - I don't need a 100% hacker-proof system but I
> don't want my security to be too dumb.
>
> These encryption methods, of course, rely on secret keys. And that's my
> doubt: how do I keep these keys so the system is not too insecure? An
> include file with a constant or variable must be world-readable if I want
> to use it from a web site. If I use the regular login password as key (it's
> stored as an MD5 hash so it has to be typed every time), users will lose
> all their passwords whenever they forget their login info.
>
> I'd appreciate any tips or suggestions, as well as links where this
> specific problem is discussed.
>
>
> --
> -+ http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
> ++ My site about web programming: http://bits.demogracia.com
> +- My humour site with UVA rays: http://www.demogracia.com
> --

I'm probably the most educated person in this field, but if you just
store one key in a PHP file, it would be pretty hard to hack, wouldn't
it? Don't put it in a database or anything, just include it wherever
you do your checking.

$key = 'aerg34aerg324eth'; // random

Since it's all done server-side no one would have access to it, unless
they got your FTP info.

And, better yet, add their username to it (not their password which
they might forget) and then run your blowfish algorithm on it.

For my passwords, I've been using md5($password.$key), but I guess
that's not an option for you, like you said, so do
blowfish($password.$username.$key); or something.
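
An added example (not code from anyone in this thread) of the scheme being discussed with current PHP primitives: the master key is read from a file outside the web root instead of a world-readable include, the username is folded into a per-user subkey and bound to the ciphertext as associated data, and an authenticated cipher stands in for Blowfish. It assumes PHP 7.2 or later with the bundled sodium extension; the key file path and the sample values are placeholders.

```php
<?php
// Added example. Assumes a 32-byte master key in a file outside the web root
// (placeholder path below), mode 0400, owned by the web server user, so it is
// never served or world-readable the way a key in an included PHP file can be.
declare(strict_types=1);

const MASTER_KEY_PATH = '/etc/myapp/master.key'; // placeholder path

function loadMasterKey(string $path): string {
    $key = @file_get_contents($path);
    if ($key === false || strlen($key) !== SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) {
        throw new RuntimeException('master key missing or wrong length');
    }
    return $key;
}

// Per-user subkey via HKDF: the username becomes part of the key material,
// as the reply suggests, but through a proper KDF rather than concatenation.
function userKey(string $masterKey, string $username): string {
    return hash_hkdf('sha256', $masterKey, 32, 'svc-password:' . $username);
}

// Encrypts a third-party password; returns nonce||ciphertext as one blob to store.
// The username is also authenticated as associated data, so a blob copied onto
// another user's row fails to decrypt.
function sealPassword(string $masterKey, string $username, string $password): string {
    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
    $ct = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt(
        $password, $username, $nonce, userKey($masterKey, $username));
    return $nonce . $ct;
}

// Returns null if the blob was tampered with or belongs to a different user.
function openPassword(string $masterKey, string $username, string $blob): ?string {
    $nlen = SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES;
    if (strlen($blob) < $nlen + SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) {
        return null;
    }
    $pt = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
        substr($blob, $nlen), $username, substr($blob, 0, $nlen), userKey($masterKey, $username));
    return $pt === false ? null : $pt;
}

// Self-check with a constructed key standing in for the key file.
$k = random_bytes(32);
$blob = sealPassword($k, 'alice', 'correct horse battery');
assert(openPassword($k, 'alice', $blob) === 'correct horse battery');
assert(openPassword($k, 'bob', $blob) === null); // wrong user: tag check fails
```

In production replace the constructed `$k` with `loadMasterKey(MASTER_KEY_PATH)`; rotating the master key means re-sealing every stored blob, so keep a key version alongside each record.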


