how to encrypt password in MySQL database?

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • poolboi
    New Member
    • Jan 2008
    • 170
    #1

    how to encrypt password in MySQL database?

    hi guys,
    i would like to ask thing son encryption of data
    presently i'm setting up a mysql database to store usernames and password for authentication

    is there ways i can encrypt the column passwords even to the database administrator? i know of MD5 but how do i actually go about doing it?
    Tags: encode mysql
    • Atli
      Recognized Expert Expert
      • Nov 2006
      • 5062
      #2
      Hi.

      There is a simple way to do that by using either the MD5 or SHA1 hashing functions. The essentially do the same thing, but the SHA1 function creates a longer hash, which makes it more secure.

      Just do something like this:
      [code=mysql]
      INSERT INTO myUserTbl(UserN ame, Password)
      VALUES('myUserN ame', SHA1('myPasswor d'));
      [/code]
      And then, when it comes to validating the password you can do something like:
      [code=mysql]
      SELECT UserID FROM myUserTbl
      WHERE UserName = 'myUserName'
      AND Password = SHA1('myPasswor d');
      [/code]
      This way, nobody can read any of the passwords, not even with full access to your database.
      Last edited by Atli; May 27 '08, 01:04 PM. Reason: Misspelled the second password. Fixed now.

        Comment

        • poolboi
          New Member
          • Jan 2008
          • 170
          #3
          Originally posted by Atli
          Hi.

          There is a simple way to do that by using either the MD5 or SHA1 hashing functions. The essentially do the same thing, but the SHA1 function creates a longer hash, which makes it more secure.

          Just do something like this:
          [code=mysql]
          INSERT INTO myUserTbl(UserN ame, Password)
          VALUES('myUserN ame', SHA1('myPasswor d'));
          [/code]
          And then, when it comes to validating the password you can do something like:
          [code=mysql]
          SELECT UserID FROM myUserTbl
          WHERE UserName = 'myUserName'
          AND Password = SHA1('MyPasswor d');
          [/code]
          This way, nobody can read any of the passwords, not even with full access to your database.
          hi,
          hm..with respect to yr validation part
          i realise when i printed this SQL statement on mysql client
          it returns me an empty set
          so i'm not sure if that really works

            Comment

            • Atli
              Recognized Expert Expert
              • Nov 2006
              • 5062
              #4
              Originally posted by poolboi
              hi,
              hm..with respect to yr validation part
              i realise when i printed this SQL statement on mysql client
              it returns me an empty set
              so i'm not sure if that really works
              It does work. I've used this method on several projects myself.

              If you are using the exact code I posted tho, the problem may be that I misspelled the second password. It should start with a lowercase 'm'.

              I've corrected the typo in my old post.

                Comment

                • poolboi
                  New Member
                  • Jan 2008
                  • 170
                  #5
                  Originally posted by Atli
                  It does work. I've used this method on several projects myself.

                  If you are using the exact code I posted tho, the problem may be that I misspelled the second password. It should start with a lowercase 'm'.

                  I've corrected the typo in my old post.
                  opps alright i know the problem
                  i declare the my length for my password in my password field too short
                  that's why the verifying ran into problems
                  thanks anyway atli

                    Comment

                    • sbmk
                      New Member
                      • Apr 2012
                      • 1
                      #6
                      Thanks Atli, it really works.I have tried it.You're just GR8 !!!

                        Comment

                        Previous template Next
                        Working...