I agree... MD5 is the best way to store passwords... you only store the md5 hash of the actual password, then when the user logins you have to compare the stored hash with the md5 hash of password the user uses to login!
cheers, Valter Santos ----- Original Message ----- From: "Brian Clark" <[EMAIL PROTECTED]> To: "PHP is not a drug." <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 2:48 PM Subject: Re: [PHP] encryption > * Justin French <[EMAIL PROTECTED]> [Dec 06. 2001 07:33]: > > > Can someone give me a brief over view of how to encrypt a password and > > store it in a MySQL DB, then be able to validate thier plain text > > password on login against the encrypted one on the DB? > > An alternative is to just store an Md5 of the password and not the > actual password. > > <http://www.php.net/md5> > > -- > -Brian Clark > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
