I have a very basic logon system that authenticates users by means of a user table in a MySQL database with PHP.
Can someone explain what the point of hashing passwords is, how to do it with PHP, and what is actually stored in the database?
Thanks
The point of hashing passwords is for security purposes. If inserted as plain text, anyone that gets into your database will now have all of your users' passwords. Another huge problem that stems from this is that it more than likely compromises the user everywhere, not just on your site, as most people tend to use the same password everywhere.
To use it in PHP you simply take a string, in this example $password = 'password'; and use the command sha1();. This will return something like d0be2dc421be4fcd0172e5afceea3970e2f3d940. It is also good practice to 'salt' passwords with your PHP script, so that the PHP login script is required to successfully log in. Example:

Then insert $password into your database. Upon logging in, you would need to salt the password given and run it through sha1 in order for it to match the password in the database. You insert it into the database just like any other string, just make sure you have sufficient length granted to the column you're attempting to insert into.
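An added example, not part of the original answer: the register and login flow described above, written with PHP's built-in password_hash() and password_verify() in place of a manually salted sha1(), so the per-user salt is generated for you and stored inside the hash string. An in-memory SQLite database stands in for the MySQL user table, and the table, column and function names are hypothetical.

```php
<?php
// Added example: register/login flow using PHP's built-in password API.
// Assumption: in-memory SQLite stands in for the MySQL user table; names are hypothetical.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// 255 characters leaves room for longer hash formats in later PHP versions.
$db->exec('CREATE TABLE users (username VARCHAR(64) PRIMARY KEY, password_hash VARCHAR(255) NOT NULL)');

function register_user(PDO $db, string $username, string $password): void
{
    // password_hash() picks a random salt on every call and embeds the
    // algorithm, cost and salt in the string it returns.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
    $stmt->execute([$username, $hash]);
}

function check_login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $stored = $stmt->fetchColumn();
    // password_verify() reads the salt and cost back out of $stored,
    // re-hashes the submitted password and compares in constant time.
    if ($stored === false || !password_verify($password, $stored)) {
        return false;
    }
    // Upgrade the stored hash when PHP's default algorithm or cost changes.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $upd = $db->prepare('UPDATE users SET password_hash = ? WHERE username = ?');
        $upd->execute([password_hash($password, PASSWORD_DEFAULT), $username]);
    }
    return true;
}

// Constructed sample data: two users who chose the same password.
register_user($db, 'alice', 'correct horse battery staple');
register_user($db, 'bob', 'correct horse battery staple');

// The stored strings differ because each row carries its own salt.
foreach ($db->query('SELECT username, password_hash FROM users') as $row) {
    echo $row['username'], ' => ', $row['password_hash'], PHP_EOL;
}
var_dump(check_login($db, 'alice', 'correct horse battery staple'));
var_dump(check_login($db, 'alice', 'wrong password'));
```

Only the hash string is stored; the plain-text password never reaches the database, and the login check needs no separate salt column.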