What is the point of encrypting passwords in a database?
Could someone please confirm the following for me:
Is the point of encrypting passwords when saving them into a database that if the database is hacked into then the hacker won't be able to know the actual passwords, unless s/he has the algorithm and salt etc to decrypt it, and therefore won't be able to compromise this or other accounts using the same password?
But my main query is: presumably the password is encrypted in, for example, the PHP script that saves the password into the database, and therefore the algorithm to decrypt the password is clear in that script. So is it correct that if the hacker hacked into the server or content management system for the website s/he would be able to access that script and decrypt the passwords?
So essentially the encryption is only as relevant as your login information to your online CMS or server is strong?
Thanks in advance!
Your passwords shouldn't be encrypted in the database.
What is commonly done is taking a hash of the passwords, and storing that in the database. A hash is a one-way function. It isn't possible to reverse it and get a result. To check to see if a password is correct, the test password (what the user enters) is re-hashed with the salt to see if it matches the has from before.
This way, should someone obtain a copy of the database, they only know the hashes, which take an incredibly long time to find a collision (match) for. Adding a unique salt for each password ensures that users with the same passwords have different hashes, meaning the work to find hash collisions has to happen for each password (very slow).