One of the most common mistakes a novice PHP / MySQL programmer makes when building a membership site is storing passwords in the database without protecting them in any way. Why is this a problem? If the database is compromised, and without sufficient safeguards across all the code of the entire website this can happen easily (one loophole is enough for the information to be accessed and collected), an attacker could read every user's password and use it not only to take over their accounts (including administrator accounts!), but also their accounts on other services where the same password was reused (Gmail, Facebook, Twitter, PayPal, whatever it is!).
Maybe such a drastic attack isn’t a big deal if you have good code that prevents SQL injection and the like, but there are still brute force and dictionary attacks that an attacker could use to obtain a user’s password, including the administrator’s. Therefore, for your own site and for the privacy and security of your users, it is important to ensure that passwords are stored safely in your database. When users give you their password, they expect it to be kept secure, so don’t let them down!
There are many ways a PHP programmer can protect passwords before storing them in the database. The most common method is to use a hash, a one-way transformation that cannot be reversed; therefore, if a user loses their password, they must be given a new one, because the old one cannot be recovered from the stored hash. Hashed passwords are generally verified at login the same way as a plain-text password: the submitted password is hashed and the two strings are compared. There are exceptions to this in stronger schemes, which I’ll get to.
The simplest (and very common) method is to apply md5 to the password. Although this method is incredibly easy, and certainly preferable to nothing, it is not very difficult to break, and there are many sites that help do exactly this. I tried one of these sites once, with great success.
But if you think this method will be safe enough for your site, at least for now, this is how it is done:
$encrypt_pass = md5($pass);
Where $encrypt_pass is the hashed password and $pass is the variable that contains the password you want to hash. But since this method is quite insecure, let’s look at other options.
A very similar but slightly better hash is sha1. It works the same way as md5, except that it returns a 160-bit digest instead of a 128-bit one:
$encrypt_pass = sha1($pass);
Another option is to use a salt on top of md5 or sha1. The way this works is that a string is added to the password before it is fed into md5 or sha1. This helps against brute force or dictionary attacks, as the theory is that a user’s weak password is strengthened with the salt before being hashed and inserted into the database. For instance:
$pass = "pass123"; // Let’s say this is the password the user entered
$salt = "1y2Jdu1D8!b"; // This is the salt
$encrypt_pass = md5($salt . $pass); // Prepend the salt, then hash
However, if the attacker can figure out what the salt is, this method is as weak as an ordinary md5 or sha1 hash. So what else can we do? How about combining methods?
$pass = "pass123";
$salt = sha1(md5($pass)); // Derive the "salt" from the password itself
$encrypt_pass = md5($salt . $pass); // Hash the combination
Although this is not foolproof, it is quite strong and almost impossible to crack without knowing the algorithm, which usually means having access to the .php file. Of course, if you want to keep these passwords safe even from other people who may be working on the project with you and have access to the files, there is another option to consider.
Personally, I like to use the “Portable PHP Password Hashing Framework”, or phpass, an open source solution on which the password hashing of phpBB and WordPress is based. With this system, the hash is different each time for the same password, which means you must use the phpass function to compare a password against a stored hash. In theory, this makes it impossible to crack.
To use this framework, download the files from openwall. There will be a PHP file called PasswordHash.php that contains the hash class. Upload it to your server and require (or include) it on the page where the password will be hashed. You can then call the class to hash the password:
$t_hasher = new PasswordHash(8, FALSE); // 8 = cost (base-2 log of the iteration count), FALSE = don't fall back to the weaker portable hashes
$hash = $t_hasher->HashPassword($password);
Then, to verify a password (during login, for example):
$check = $t_hasher->CheckPassword($pass, $hash); // $pass is the password being verified and $hash is the hash stored in the database
if ($check) {
    /* Allow the user in */
} else {
    /* Don’t let the user in */
}
The test.php file is well commented and contains more functions that may be useful to review. It will also test everything to make sure it works on your system.
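As an added example (not code from the original post or from phpass), the script below contrasts the fixed-salt md5 approach above with a per-user random salt, then shows PHP’s built-in password_hash()/password_verify(), which apply the same random-salt-per-hash idea that phpass does; the user list and passwords are constructed sample data.

```php
<?php
// Added example, not from the original post or from phpass.
// Constructed sample users; alice and bob happen to share a password.
$users = [
    'alice' => 'pass123',
    'bob'   => 'pass123',
    'carol' => 'Tr0ub4dor&3',
];

// 1. Fixed site-wide salt, as in md5($salt . $pass) above: everyone who
//    chose the same password ends up with the same stored digest, so the
//    salt protects nobody once it is known.
$siteSalt = '1y2Jdu1D8!b';
$fixed = [];
foreach ($users as $name => $pass) {
    $fixed[$name] = md5($siteSalt . $pass);
}
$fixedSaltCollides = ($fixed['alice'] === $fixed['bob']);

// 2. Per-user random salt stored beside the hash: identical passwords now
//    produce unrelated digests, and each account must be attacked separately.
function hashWithSalt(string $pass): array {
    $salt = bin2hex(random_bytes(16));                 // 128-bit random salt
    return ['salt' => $salt, 'hash' => hash('sha256', $salt . $pass)];
}

function verifyWithSalt(string $pass, array $record): bool {
    $candidate = hash('sha256', $record['salt'] . $pass);
    return hash_equals($record['hash'], $candidate);   // constant-time compare
}

$perUser = [];
foreach ($users as $name => $pass) {
    $perUser[$name] = hashWithSalt($pass);
}
$perUserCollides = ($perUser['alice']['hash'] === $perUser['bob']['hash']);
$loginOk  = verifyWithSalt('pass123', $perUser['alice']);
$loginBad = verifyWithSalt('wrong', $perUser['alice']);

// 3. PHP's built-in password_hash() does what phpass does: it generates the
//    salt itself, runs a deliberately slow algorithm (bcrypt by default) and
//    stores algorithm, cost, salt and digest together in one string.
$stored = password_hash($users['alice'], PASSWORD_DEFAULT);
$builtinOk  = password_verify('pass123', $stored);
$builtinBad = password_verify('pass124', $stored);

printf("fixed salt collides: %d, per-user salt collides: %d, login ok/bad: %d/%d, password_verify ok/bad: %d/%d\n",
    $fixedSaltCollides, $perUserCollides, $loginOk, $loginBad, $builtinOk, $builtinBad);
```

Requires PHP 7.0 or later for random_bytes(); the per-user record (salt and hash) is what you would store in the users table, while password_hash() output is a single column.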
This is a quick summary of what you can do to keep your site and its users safe. Please do not store passwords as plain text in your database. It is bad practice and betrays the trust users place in you when they sign up for your site. Protecting them is easy to do and very important.