How to make login secure?

[crazylegseddie]

I currently have a log-in facility implemented in my site but it passes the password to the database in plain text with the following script.

[code=php:0]
$errorMessage = '';

$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];

// first, make sure the username & password are not empty
if ($userName == '') {
$errorMessage = 'You must enter your username';
} else if ($password == '') {
$errorMessage = 'You must enter the password';
} else {
// check the database and see if the username and password combo do match
$sql = "SELECT user_id
        FROM tbl_user
WHERE user_name = '$userName' AND user_password = '$password'";
$result = dbQuery($sql);

[/code]

Can I set this script to encrpyt the password in some way and make it more secure?

Any help will be good.

THX

[GingerRobot]

Take a look at the md5 function

http://uk.php.net/md5

You will to apply the function to the passwords that are set when someone registers/an account is created and when they log in.

[tomfmason]

You might also want to try something like [url=http://us3.php.net/manual/en/function.mysql-real-escape-string.php]mysql_real_escape_string[/url]

[Chetan]

but the best one is sha1 because md5 can be decrypted by some providers on the net, use it like this
[code=php:0]
<?php
$encryptme="Hello World!";
$encryptme=sha1($encryptme); // Encrypted
?>
[/code]

[ignace]

I see your using $error_message, to make sure you can display these error's above your form, and still be able to process your script above the html-head information I use one extra variable, ofcourse I am giving you the very basic here..

[code]
<?php
$PreCheckComplete=0;
if (@$_POST) {
   $errorMessage = '';
   $userName = $_POST['txtUserName'];
   $password = $_POST['txtPassword'];

   // first, make sure the username & password are not empty
   if ($userName == '') {
      $errorMessage .= "&bull; You must enter your username<br />";
   }
   // you can also check for string length if (strlen($userName) < 6 ) { ...
   if (strip_tags($userName) != $userName) {
      $errorMessage .= "&bull; You are not allowed to use html in your username.<br />";
   }
   if ($password == '') {
      $errorMessage .= "&bull; You must enter the password.<br />";
   }
   if (strip_tags($password) != $password) {
      $errorMessage .= "&bull; You are not allowed to use html in your password.<br />";
   }
   if (!$errorMessage) {// no errors found..
      $PreCheckComplete = 1;// Set flag
      $password = sha1($password); // don't know if sha1 is already implemented..
      // check the database and see if the username and password combo do match
     $sql = "SELECT user_id"
     . "\n FROM tbl_user"
     . "\n WHERE user_name = '$userName'"
     . "\n AND user_password = '$password'"
     ;
     $result = dbQuery($sql);
  }
}
?>
<!-- below the headers -->
<!-- above the form -->
<?php
if ($PreCheckComplete==0) {//Display the form
   if (@$errorMessage) {
     echo $errorMessage;
   }
?>
<form action="" method="post" ....
<?php } else { // Display success
  echo 'jipii';
} ?>
[/code]

[silentwf]

[quote author=RockingGroudon link=topic=103077.msg410148#msg410148 date=1154777193]
but the best one is sha1 because md5 can be decrypted by some providers on the net, use it like this
[code=php:0]
<?php
$encryptme="Hello World!";
$encryptme=sha1($encryptme); // Encrypted
?>
[/code]
[/quote]

[url=http://www.schneier.com/blog/archives/2005/02/sha1_broken.html]http://www.schneier.com/blog/archives/2005/02/sha1_broken.html[/url]
Ouch?

Always remember, NOTHING is absolutely secure.

[Chetan]

Its still less famous that it was broken... and ok i was wrong there but it is still better than md5 because there are a lot of prviders like md5decryter.com and when u search sha1 in google you would not get a lot of decrypters.
Nothing against you or something but wanted to tell you that is compared sha1 is better

[beamerrox]

[code]<?php
$encryptme="Hello World!";
$encryptme=sha1(md5($encryptme)); // Encrypted
?>[/code]

[silentwf]

That still isnt hard to crack, you do realize that right?
Just decrypt the Sha1, then decrypt the MD5.
And plus, it adds a BIG load to the db, the encryption is uber long

[newb]

u cant decrypt md5! show me proof u liar!

[rab]

[quote author=silentwf link=topic=103077.msg410947#msg410947 date=1154913432]
That still isnt hard to crack, you do realize that right?
Just decrypt the Sha1, then decrypt the MD5.
And plus, it adds a BIG load to the db, the encryption is uber long
[/quote]

You relize you won't get the md5 hash right?

@newb, your right, you can't decrypt MD5 but their are flaws in it that allow for MD5 collision. Also can be brute forced.

@crazylegseddie, encrypt the password and add random salt. Then create a session based off of a time and IP. But thats just what I would do to increase security

[corbin]

MD5 is irreversable last i heard...

[dagnasty]

if you want it stored in your database encrypted, obviously use encrption at the server side, however, going from a client to server, the form will still post as plain text. You can see actually see for yourself with a packet sniffer. To encrypt at the network layer, use SSL.

[dagnasty]

In case you're not sure what adding salt is:

$password = $password . "bunchofwordsorrandomcharacters";
$password = md5($password);

[corbin]

wow so whats the purpose of adding salt?

[Chetan]

So that the hacker gets the decrypted string with the caracters at the end making him getting the wrong pass