Re: [uug] password encryption

Michael R. Bright Thu, 03 Jul 2003 15:29:54 -0700

There are a lot of ways to do this, however, I use a different way of
encrypting password and protect them from other people.  One way that I have
done it is by doing the following:


1. pass the password that you want to use into the following functions:
   $password = crypt(<password>,md5(<password>));
2.  Once that is finished then you need to do the following:
  mysql_query("Insert into mysql.users (host,user,password)
values('localhost',<username>,password('<password>'))");

3.  Once this is finished the person will not be able to login directly to
the mysql database through the command prompt, only via the php script.
This can then be decrypted and the password is double protected.

hopefully this helps.


Michael R. Bright

----- Original Message ----- 
From: "Frank Sorenson" <[EMAIL PROTECTED]>
To: "BYU Unix Users Group" <[EMAIL PROTECTED]>
Cc: "PLUG POST" <[EMAIL PROTECTED]>; "Utah PHP User Group"
<[EMAIL PROTECTED]>
Sent: Thursday, July 03, 2003 2:35 PM
Subject: Re: [uug] password encryption


> On Thu, 3 Jul 2003, Wade Preston Shearer said:
> <snip>
> > if i registered a new user (username: bob, password: apple), his entry
> > in the database is something like...
> >
> > bob:T3dh93jO2
> <snip>
> > 1. what kind of encryption is used when i am using "htpasswd" when
> > registering users via the command line?
>
> Crypt - http://www.php.net/crypt
>
> > 2. can i encrypt passwords with this same encryption using PHP?
>
> $Password = "apple";
> $CryptedString = "T3dh93j02";
> if (crypt($Password, $CryptedString) == $CryptedString) ...
>
> Note that you can also use md5 or other hashes as well.
>
> > 3. can i make PHP read encrypted passwords?
>
> Not sure what you're asking.  It's a one-way hash.
>
> Frank
> --------------------------------------------------------------------------
-
> Frank Sorenson - KD7TZK
> CSR Computer Science Department
> Brigham Young University
> [EMAIL PROTECTED]
>
>
> ____________________
> BYU Unix Users Group
> http://uug.byu.edu/
> ___________________________________________________________________
> List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
>

____________________
BYU Unix Users Group 
http://uug.byu.edu/ 
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list

Re: [uug] password encryption

Reply via email to