Passwords in PHP

smc · March 3, 2007

Hey everyone,

I really don't understand this MD5 buisness. Basically I want to encrypt my user's passwords into MD5 when they register but then how do I un-encrypt them so the script can verify if they're password is correct when they are logging in?

If anyone could explain I would be very greatful!

genericnumber1 · March 3, 2007

you cant unencrypt md5, it's a one way encryption. what you CAN do though, is md5() the password they input and see if the md5 hash of that matches the md5 hash in the database

coldkill · March 3, 2007

That is what you need to do. md5() you can't decrypt.

When the person enters the data md5 that and check it against what you have in the database. If it matches then they have input the correct password.

md5 isn't supposed to help with brute forcing, it's supposed to encrypt data so it can't be read but not so it can't be compared against something.

smc · March 3, 2007

Ahh awesome, thanks!

DeathStar · March 3, 2007

or

this may help you out a bit

in register page :

to get it in an encrypted form into the db

md5('{$_POST['password']}')

and on the login verifying page to check it:

userpass`=md5('{$_POST['password']}')");

hope that helps

Sign In

Passwords in PHP

Recommended Posts

smc

Link to comment

Share on other sites

genericnumber1

Link to comment

Share on other sites

coldkill

Link to comment

Share on other sites

smc

Link to comment

Share on other sites

DeathStar

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information