MD5 Question

[dual_alliance]

I have seen many tutorials written, and they have used the MD5 function.  However l don't understand fully how it works.

Does it work by the user enters a password (in register.php) l encrypt it and send it to a MySQL database.  Then when the user logs in (login.php) it converts that password to MD5 and checks to see if it matches with the MD5 password stored in the MySQL database?

Thanks,

dual_alliance

[pixy]

Yep. I prefer to use the SHA() function myself, but it's basically the same thing.

Lets say you enter password as your password. You store is as md5('password') and when you check it, you check
if ((md5($_POST['password']) === (md5($password))) {
  // whatever
}
Where $password is the password you pulled from the db.

[wildteen88]

md5 encrypts the users password in a 32bit encryption. It is a one way encryption which mean it cannot be decrypted, however you can but its not easy as it'll take you while to decrypt it.

[dual_alliance]

Thankyou for your help, l understand fully now how it works. :)

[redarrow]

as well as for hashes used by different PHP-programs:

md5(md5($pass))
md5(md5($pass).$salt)
md5(md5($salt).md5($pass))

[Dville]

make sure you make the db field enough to hold the actual encrypt password too. that slipped my mind for the first minute or so, when I tried with a 8 character limit, lol