0
Well I’m working on a project that I need to use the crypt as a method to encrypt the password, but this password I need to use in mobile, how do I use something that the crypt will understand and that the web will also ?
What I need is that wherever he is he can easily encrypt and decrypt.
Another doubt adjacent to this is.
Suppose I encrypted the password, and now I want to check to make a test to testify that the password is correct. What is the right way to do it? Below is my example.
$sql = "select USU.* from ( select COD_IDENT_IGREJ, COD_IDENT_PESSO, TXT_NOMEX_PESSO, TXT_FONEX_PESSO from tbl_PESSOAS where COD_IDENT_IGREJ = :COD_IDENT_IGREJ and TXT_EMAIL_PESSO = :TXT_EMAIL_PESSO and TXT_SENHA_USUAR = :TXT_SENHA_USUAR and FLG_STATU_PESSO = 'A' ) USU left join ( select COD_IDENT_IGREJ, FLG_STATU_IGREJ from tbl_IGREJA ) IGR on USU.COD_IDENT_IGREJ = IGR.COD_IDENT_IGREJ where IGR.FLG_STATU_IGREJ = 'A'";
if (isset($this->params['email']) && isset($this->params['senha']) && isset($this->params['codIgreja'])) {
$dataInput = array();
$dataInput[':COD_IDENT_IGREJ'] = $this->params['codIgreja'];
$dataInput[':TXT_EMAIL_PESSO'] = $this->params['email'];
$dataInput[':TXT_SENHA_USUAR'] = crypt($this->params['senha']);
$data = $this->conexao->fetchNaoRestritivo($sql, $dataInput);
After doing this I check the $data to know if it exists or not. But how have I been reading about the crypt each time it creates a different algorithm to encrypt and decrypt a password.
In these cases of PDO how to check if the password is correct ?
Do not store passwords on mobile, encrypted or hashed. Save a token. If the password is there, someone at some point will be able to copy it to another device.
– Oralista de Sistemas
However the level of information in my application is not high, information does not necessarily need to have as much security at this point
– Renan Rodrigues