what is PHP’s safest encrypt/decrypt method, in use with MySQL – to store let’s say passwords?
Of course, not for portal purposes – hashing is the safest option there.
I want to do little password (domain/mysql/ftp…) storage for our whole team online, so we could log in and check to passwords, but I don’t want really to endanger our clients’ bussinesses. Hash can’t be used for obvious reasons – we need to get the passwords in readable form back, after logging in – (Doesn’t really make sense to run rainbow tables every time :D).
Any idea?
Edit: so far, there was just mysql-level AES. Do you think anything would be better/safer or do you have any experience with 3rd party open source code?
If you want encrypt and decrypt then you may wish to consider MySQL’s built-in AES encryption. This allows you to use a salt (even a random salt for each item) and then store the encrypted data as a binary blob. You can then fetch the salt or use a stored one, and decrypt the data.
There’s a good tutorial on AES encyrption/decryption here: http://techpad.co.uk/content.php?sid=82