Password encryption problem (PHP)

Asked

Viewed 278 times

2

I’m making a Pet Shop system and the problem is this: the customer makes the registration, and the password will be encrypted to the bank, but when the login is made it is an error. Example: the user is Mark and his password is 123. When logging in, if I put the password "123" does not enter, only enter if you put the encrypted code.

  • Read this: http://answall.com/questions/63411/segurn%C3%A7a-em-sistema-de-login/63461#63461

1 answer

1

  1. Whatever encryption was used for Windows in the bank.
  2. On the login screen recover the password typed and apply the same password encryption in the bank.
  3. Compare the two strings and if they are equal log in.

Code

$senhaBanco = md5('123');

$senhaDigitada = '123';

echo md5($senhaDigitada) === $senhaBanco // true
  • 1

    The.o md5 for password ?

  • 2

    The logic is the same, but MD5 and on top of that without salt does not, right... I suggest that related question for better algorithm options (TL;DR: PBKDF2, Bcrypt or scrypt).

  • 1

    I think md5() of William’s reply is merely didactic. The dicussion here is not which use of encryption is most appropriate or recommended...

  • Yes, it was merely illustrative, and even from what I know of courses usually taught with md5 and sha1.

  • @mgibsonbr this response street is very good and didactic, had read about it = D

  • 2

    In fact, science and technology are advancing, and what is appropriate today may not be tomorrow. A cursinho/tutorial written at the time MD5/SHA-1 (or even SHA-2) was usual, and that has never been updated, is not "wrong" or "bad" just because the scenario has changed - it is only outdated. Although his answer used the state-of-the-art today, it would not be eternally valid, so it is up to the reader to show discernment in reading it. That said, there are still many people today who think that MD5 is enough to protect passwords, and in part this is due to the abundance of materials in this sense. We want one more?

Show 1 more comment

Browser other questions tagged

You are not signed in. Login or sign up in order to post.