Home/ Questions/Q 8017281
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T20:48:05+00:00

I’m working on creating basic password security on a medium size PHP CodeIgniter website.

  • 0

I’m working on creating basic password security on a medium size PHP CodeIgniter website. I need to start encrypting password that are being saved into a database. User passwords can be inserted using different methods including CSV import or an individual sign up approach.

Therefore I just want to know at what is the correct level in a MVC system where a password should be encrypted?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The only time you need to perform this function is when adding a new user or updating the password for an existing user. Both of these functions should be performed by the User model. For example, something like:

    $user = new User();
$user->setName('...');
$user->setPassword('...');
$user->save();

    or:

    $user = User::find('...');
$user->setPassword('...');
$user->save();

    In this example, the setPassword() method would do the actual encryption.

    Also, think of it this way — it shouldn’t be possible to get an unencrypted password into the system. So, you make the User model the only way to interact with users, and have it transparently encrypt all passwords given to it.

    • 0