Encrypting/Decrypting Passwords to and from a MySQL database

I'm starting to create a user system for my website, and what I want to do is to hav开发者_高级运维e the passwords encrypted, rather than plaintext. I'm using PHP/MySQL, so I figured crypt() is a good place to start. However, I'm brand new to cryptography like this, and I'm having trouble understanding exactly how it works. Does anybody know how to implement, at the simplest level, a way for passwords to be stored as an encrypted string, but always be able to be decrypted, without a security issue?

Passwords should be hashed, not encrypted. That is, you should not be able to decrpyt the password. Instead, you should compare hashes.

1. User sets password $password = 'hX4)1z'
2. You get hash of password and store to DB:

#

$pw = hash_hmac('sha512', 'salt' . $password, $_SERVER['site_key']);
mysql_query('INSERT INTO passwords (pw) VALUES ('$pw');

1. Customer comes back later. They put in their password, and you compare it:

#

mysql_query('SELECT pw FROM passwords WHERE user_id = ?');
//$pw = fetch

if ($pw == hash_hmac('sha512', 'salt' . $_REQUEST['password'], $_SERVER['site_key']) {

   echo "Logged in";

}

PHP has some built-in has functions, such as md5(). When I was learning I found IBM's primer very useful - I'd highly recommend looking at that.

As an aside, I would advise against being able to decrypt a password. The only person who should know their password is a user! This is why we store hashed versions of passwords which we can check against, rather than storing encrypted passwords which can be decrypted..

I notice people make huge deals about storing passwords.

Agreed you shouldn't store passwords as plain texts, but if you store the one way hash and get rid of the password, hackers can still using algorithms to hack a hash hashing strings and comparing.

Also, if you encrypt with an algorithm that you can decrypt later, that can also be hacked by figuring out the algorithm of the encryption.

I think as long as no one can see the users' passwords outright and you simply make it difficult for hackers you're good, but people say you shouldn't encrypt because it can be decrypted but that's not fair because anything can be hacked.

Use md5 instead

http://php.net/manual/en/function.md5.php

http://en.wikipedia.org/wiki/Md5

You can use md5 or better hashing technique like sha1 See password hashing http://phpsec.org/articles/2005/password-hashing.html for more details.

I suggest using SHA2 with a salt to store your password.

To create a SHA2 hash, use this:

$hash = hash("sha512", $password.$salt);

A salt contains some extra characters to add to your password before hasing to prevent rainbow tables (databases of passwords and it's hashes). You can create one using a unique user info (like a user_id) or just create a random one and store it somewhere. Just make sure the salt is long enough.

Don't make use of MD5 anymore; it's old. See http://en.wikipedia.org/wiki/MD5#Collision_vulnerabilities for more info.

EDIT: These are one-way hashing algoritms. You can and should not be able to decrypt a password. If you can, then there is no point in using a hash to store passwords.

No, there is always going to be a security issue with regards to where you store the encryption password. This is why websites never store the hash of the password and not the password itself. When someone registers at your website and they enter the password, you store the hash (MD5 or SHA1 or whatever, as mentioned above) of the password. When they log in later you again hash the password they entered (by the same method used when storing it) and compare. If the hashes are the same then the passwords are the same (with a very high probability!) Any website that lets you recover your password is an insecure website.