How important is using password() encryption function ?

  • jeddiki
    Contributor
    • Jan 2009
    • 290

    How important is using password() encryption function ?

    Hi,

    I have noticed that some websites do not use encryption for passwords, as they are able to send you the existing password.

    Others can only give you a new password, so I guess they are using encryption ( ? ).

    Does it really matter ?

    Can anybody look at my MySQL database and see the password if it is not encrypted ? Or is it only in transmission that it could be spied on ?

    It seems much easier not to have encryption for access to simple membership sites. That way, if there is a problem, I can then log in as the member and see what they see. With encryption, I can not use their password to log in, so it restricts my troubleshooting options.


    Any thoughts on this ?
    Thanks.


  • Atli
    Recognized Expert Expert
    • Nov 2006
    • 5062

    #2
    Hey.

    Passwords aren't really "encrypted". They are hashed. - That basically means the password is converted into a non-reversible string of characters that should (in theory) be unique to that password.

    This is an extra layer of security, and privacy, in case your password database is compromised. It means that your users' passwords will not be clearly readable, even if somebody managed to hack their way into your databases. - It also protects your users from you; the database admin. - This may also be an invaluable protection on shared hosts, where you can not be sure who exactly has access to your database.

    It's just one of those basic security features that is easy to implement and may prove invaluable. In my opinion, any site that does not implement this sort of protection has sub-par security, regardless of any other security they may use. (Although that opinion is highly debatable.)

    Originally posted by jeddiki
    It seems much easier not to have encryption for access to simple membership sites. That way, if there is a problem, I can then log in as the member and see what they see. With encryption, I can not use their password to log in, so it restricts my troubleshooting options.
    That you should never do. You should never log in as another member. - If you need to do anything like that, you should add administrative tools that allow you to do so without having to actually use the user's login credentials.

    Bottom line is that user passwords are highly private pieces of data. Even viewing it yourself for administrative tasks is an invasion of their privacy. -- Nobody except the user should be able to know their passwords, not even you. Hashing them, and discarding the original, ensures that.
    Last edited by Markus; Mar 23 '10, 09:05 PM. Reason: Typos
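What Atli describes in the post above, worked through as an added example (this is editor-added code, not code from the thread or from jeddiki's site): each password is hashed with a per-user random salt and a slow key-derivation function, the plaintext is discarded, and login recomputes the hash and compares it in constant time. For contrast, mysql_password reproduces the construction the thread's title asks about, the MySQL 4.1+ PASSWORD() function ('*' followed by upper-case hex SHA1(SHA1(password))): it has no salt and uses a fast hash, which is why MySQL's own manual says it is for server accounts, not application passwords, and why it was removed in MySQL 8.0. The iteration count, the record format and the users dictionary are assumptions standing in for a real members table.

```python
import hashlib
import hmac
import os

# Work factor for PBKDF2-HMAC-SHA256. Assumed value; raise it as hardware allows.
ITERATIONS = 200_000
SALT_BYTES = 16


def hash_password(password, salt=None):
    """Return a storable record "pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>".

    A fresh random salt per user means two users with the same password get
    different records, so a precomputed table is useless against a dump.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt.hex(), digest.hex())


def verify_password(password, stored):
    """Recompute the hash with the stored salt and iteration count; compare in constant time."""
    try:
        algo, iterations, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), hash_hex)


def mysql_password(password):
    """The MySQL 4.1+ PASSWORD() construction: '*' + SHA1(SHA1(pw)) as upper-case hex.

    Shown for contrast only: no salt and a fast hash, so equal passwords give
    equal hashes and one precomputed table cracks every row of a leaked table.
    """
    inner = hashlib.sha1(password.encode("utf-8")).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


# Stand-in for the members table (assumed): username -> stored hash record.
def register(users, username, password):
    users[username] = hash_password(password)  # the plaintext is discarded here


def login(users, username, password):
    stored = users.get(username)
    if stored is None:
        # Hash anyway so an unknown user takes as long as a wrong password.
        hash_password(password)
        return False
    return verify_password(password, stored)


if __name__ == "__main__":
    users = {}
    register(users, "alice", "correct horse")
    register(users, "bob", "correct horse")
    print(users["alice"])
    print(users["bob"])  # same password, different record thanks to the salt
    print(login(users, "alice", "correct horse"))  # True
    print(login(users, "alice", "wrong"))          # False
    print(mysql_password("correct horse") == mysql_password("correct horse"))  # True: unsalted
```

Running it shows the point of the post: the stored record for alice contains nothing that can be turned back into "correct horse", and two members who chose the same password do not end up with the same row, whereas the PASSWORD()-style output is identical for both.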


    • Markus
      Recognized Expert Expert
      • Jun 2007
      • 6092

      #3
      Well put, Atli.

      P.S. I fixed a few typos for you :)


      • jeddiki
        Contributor
        • Jan 2009
        • 290

        #4
        Thanks for your reply.

        I appreciate your opinion.

        If I hash the passwords though, I guess that it means I can not send the account owner their password in an email ... or can I ?

        When my script sends the hashed password out to the owner, can the user see it in their browser as the password they need to enter ?

        Thanks for any clarifications.



        • Atli
          Recognized Expert Expert
          • Nov 2006
          • 5062

          #5
          No. You can not retrieve the password in any way. A hash is scrambled beyond recovery, so there is no way (in theory) to recover it. - If the user forgets his/her password, you would have to generate a new password and send him that, so he can log in and change it.

          Originally posted by Markus
          Well put, Atli.

          P.S. I fixed a few typos for you :)
          Thanks :)
          Was test-driving IE8 (just for kicks xD)... no proper spell checker.
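Atli's answer above says a forgotten password has to be replaced rather than recovered. The usual way to do that today, shown here as an added example (editor-written, not code from the thread), is a random single-use reset token e-mailed to the member: only a hash of the token and an expiry time are stored, so the table never holds anything that lets its reader log in as the member, the token expires, and it is consumed on first use. The fifteen-minute lifetime, the resets dictionary standing in for a table and the now parameter (there so expiry can be exercised deterministically) are all assumptions. A temporary password mailed instead, as Atli suggests, would go through the site's normal password hashing on the way into the database.

```python
import hashlib
import hmac
import secrets
import time

# Assumed policy: a reset token is valid for 15 minutes and can be used once.
TOKEN_TTL_SECONDS = 15 * 60


def _token_hash(token):
    # The token is 256 random bits, so a plain SHA-256 (no salt, no stretching)
    # is enough to stop a copy of the table from being used as a reset link.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_reset_token(resets, username, now=None):
    """Create a reset token for `username` and return it for the e-mail.

    Only the hash and the expiry go into `resets` (stand-in for a DB table);
    the token itself exists only in the message sent to the member.
    """
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    resets[username] = {
        "token_hash": _token_hash(token),
        "expires": now + TOKEN_TTL_SECONDS,
    }
    return token


def redeem_reset_token(resets, username, token, now=None):
    """Return True exactly once for the right, unexpired token; the record is then deleted.

    On True the caller lets the member set a new password through the normal
    hashing path; the old hash is never needed.
    """
    now = time.time() if now is None else now
    record = resets.get(username)
    if record is None:
        return False
    if now > record["expires"]:
        del resets[username]  # stale token is no longer redeemable
        return False
    if not hmac.compare_digest(_token_hash(token), record["token_hash"]):
        return False  # wrong token: keep the record so the real link still works
    del resets[username]  # single use
    return True


if __name__ == "__main__":
    resets = {}
    token = issue_reset_token(resets, "alice")
    print("mail this to alice:", token)
    print("table holds only:", resets["alice"])
    print(redeem_reset_token(resets, "alice", "not-the-token"))  # False
    print(redeem_reset_token(resets, "alice", token))            # True
    print(redeem_reset_token(resets, "alice", token))            # False, already used
```

A production version would also rate-limit redeem attempts per user and invalidate any outstanding token when the member changes their password, but the three properties that matter for the question in this thread are all here: nothing in the table reveals the password or the link, the link dies on its own, and it works once.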
