Secure password storage

I'm developing a web service where users must login. I will store user data in an SQL database and input/output via PHP. But I don't want to store it openly. How do I encrypt the passwords in PHP so only those who knows the password can unlock it?

I know services like phpBB uses some sort of hiding/encryption on stored passwords.

Answers


The easiest way to get your password storage scheme secure is by using a standard library.

Because security tends to be a lot more complicated and with more invisible screw up possibilities than most programmers could tackle alone, using a standard library is almost always easiest and most secure (if not the only) available option.

See this answer for more info


You need to salt and hash the password, using an appropriately secure algorithm.


Need Your Help

How can I plot a function in R with complex numbers?

r plot

I want to plot the following function in R

Can I increase performances using glscissor

android opengl-es

I'm working on a 2D game for android using OpenGL ES 1.1 and I would like to know if this idea is good/bad/useless.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.