What is the best way to store login information into database? I know that

Question

0

Asked: May 23, 20262026-05-23T17:18:08+00:00 2026-05-23T17:18:08+00:00

What is the best way to store login information into database? I know that

0

What is the best way to store login information into database? I know that storing plane text password is not at all suggested. What are the other methods?
What functions in PHP are available for storing and authentication of login information if hash values of the password is used?

I am using PHP, MySQL, Apache server on Windows machine.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T17:18:08+00:00

There are two camps in this security discussion:

Don’t store the passwords in your DB. This usually means leveraging OAuth or equivalent. You will need to store a ‘token’ that uniquely identifies the user. This ‘token’ is provided by the authentication service that you select. The service also provides the authentication.
Store a hash (not reversible) transformation of the password in the DB. Then the authentication process is to compare the hashed version of the provided pword with the one in the DB.

There are complexities that should be considered depending upon your security consideration. I think the minimum should be a salted password implementation. This is typically something like:

$hash = sha1(saltThePword($pword));

where

function saltThePword($pword)
{
    // combine the password with a salt.
    // typically:
    //   $pword.$salt
    //   $salt can be static
    //   $salt can be unique to user (reproducible by a formula)
}

Hope this helps.

Bob

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

What is the best way to store login information into database? I know that

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply