=SHA1("$password");
$password is the user's input password.
Regards,
Erik Osterman
http://osterman.com/
-Original Message-
From: David T-G [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 9:05 PM
To: mysql users
Cc: Luis Lebron
Subject: Re: Secure way of stor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Luis, et al --
...and then Luis Lebron said...
%
% Any suggestions of a "secure" way of storing membership passwords (for a
% website) in a mysql database? Should I use sha, aes, des???
Do you really need to be able to decrypt and get the plaintext
Luis Lebron wrote on 07.11.2003 15:22
Any suggestions of a "secure" way of storing membership passwords (for a
website) in a mysql database? Should I use sha, aes, des???
thanks,
Hi Luis,
try md5 encryption for passwords in your application and write
md5-encrypted values to simple v
Any suggestions of a "secure" way of storing membership passwords (for a
website) in a mysql database? Should I use sha, aes, des???
thanks,
Luis R. Lebron
Sigmatech, Inc
Thanks, Peter,
Yeah, I had looked at ENCODE()/DECODE() and ABS_ENCRYPT()/ABS_DECRYPT() as possible
tools, as well as some inherent PHP functionality. My real question is more about
database design than about the mechanics of encryption. But I do appreciate the
feedback.
Make a good day . .
Thanks, César,
But this is not an option that is negotiable for me. The client mandate is very
clear, and the reason behind it has a strong business case from their standpoint. I'm
not about to get them to change their minds . . . they and I have been over this way
too many times already.
t: RE: Soliciting best approach for storing passwords . . .
>
>
> Barn.
>
> I asked the same question couple of weeks ago and all the answers I got
> pointed to one way encryption. Actually, I had the same need that you,
> but understood that it was better to reset the password
g it.
After all the responses I've get regarding this issue, I never got the
answer to how do a two way encrypting so, if this doesn't help you...
> -Original Message-
> From: databarn [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, June 30, 2002 10:36 AM
> To: MySQL
>
Folk,
I need some input on how best to store username/password combinations online. My
preference would be to store a one-way encrypted value, but that is not possible in
this situation. The constraint is that we have to make provision for giving the
user's password back to the user after a "
char(16) or char(32) with PASSWORD() function or your own crypt ;-)
Hamid Mukhtar wrote:
>
> Hi,
> Is there any data type for storing passwords in tables so that they cannot
> be viewable by anyone.
>
>
Hi,
Is there any data type for storing passwords in tables so that they cannot
be viewable by anyone.
-
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com
11 matches
Mail list logo
