View Full Version : encrypting passwords

09-10-2007, 03:19 AM
how can you encrypt a users password so in the database it doesnt show the users exact password.

09-10-2007, 07:03 AM

you can do this in a number of ways.

i use md5() which is a standard algorithm and used widely. It will return a 32 char hash of anything you process with it from a 5 char password to a whole 30 page text file.

try it...

$string = "dreamweaverclub"; //<<< try anything you want in here and at any length

echo md5($string);


when setting up users you need to wrap your $password var in this function

$password = md5($password);

you need to do this before you insert into the db and make sure you have your password field length set to 32 varchars.

you need to also compare md5 when logging in...

$password = md5($_POST['password']);

if ($password == $row['password']){
//let me in

you cant decrypt an md5 string but you dont need to.

09-10-2007, 01:27 PM
Thank you, I will give this a shot.

Also, I could barely find this topic :P

09-10-2007, 01:29 PM

had to split the thread down as it could become confusing

try creating separate posts for different questions

09-10-2007, 01:34 PM
sorry, I didnt want to be clogging up the forums with a bunch of random questions.

I have a question though. Right now I have an account with a normal password. How can I change that from the normal password to the new md5 encrypted password in the database?

09-10-2007, 01:57 PM
you will have to manually change these

md5 the password and cut & paste the string into your db then build the md5 functionality into your admin account creation page

09-10-2007, 02:04 PM
sorry, I didnt want to be clogging up the forums with a bunch of random questions.

err thats all this forum contains

dont worry you dont get charged for the questions you ask so ask away

its refreshing dealing with coders

09-11-2007, 12:03 AM
Cool! I got this working! Thank you very much! This should be a little more secure now :)