thminco Posted October 25, 2011 Share Posted October 25, 2011 I am building a new site for my brother and was wondering what the users out here thought about the many options for password security in a MYSQL database. Is using md5 &/or sha1 with some scheme of salting enough? I am also curious about AES & BLOWFISH. How are these implemented? Also, are php code files on a server subject to the same security issues as an SQL database? (In other words, can hackers get at these files to view the code which might include schemes for salting?) Thanks to all, Newbie Tom Edit (KP): No need to shout Link to comment https://forums.phpfreaks.com/topic/249808-thoughts-on-password-encryption-databasewebsite-security/ Share on other sites More sharing options...
shlumph Posted October 25, 2011 Share Posted October 25, 2011 I thought this recorded webinar was extremely informative on the subject: http://www.zend.com/en/webinar/PHP/70170000000bWL2-strong-cryptographie-20110630.flv He talks about the different algorithms, the best way to encrypt a password, etc. Link to comment https://forums.phpfreaks.com/topic/249808-thoughts-on-password-encryption-databasewebsite-security/#findComment-1282234 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.