How people stores the password in database?

**jeephp** · 07-20-2005, 05:51 AM

Hi,
I need some help with storing password in mysql database or something similar.

i used to store the password in database using md5() function but there is no way to retrieve the

password back.

Now i want to know that -
is it standard and secure way to store password?
is there any other technique to store password so i can retrive it back?

Any advice on this would be highly appreciated.

Thanks
Paresh

**asm** · 07-20-2005, 06:06 AM

Passwords is obviously a broad subject that we could spend the day discussing. If the data is sensitive then there should (in my opinion) be no way to view the password, but ask yourself this question, why would anybody want to view another persons password? if it is lost it can just be changed. You can use the encode function ie insert into TableName value(null, ENCODE($aPassword))
As appose to TableName value(null, PASSWORD($aPassword))

This means that it can be retrieved by using the DECODE() function. As I say though it depends on the worst case scenario, if your database gets hacked does it matter if the hacker gets the passwords?

**millwalll** · 07-20-2005, 06:45 AM

yeah i agree i dont think you should eb able to retrive the password as alot fo people hve the same password for alot of things

**Enigmatic** · 07-20-2005, 07:28 AM

Alternativly, use the php md5() function

**ibbo** · 07-20-2005, 07:49 AM

I store as md5, adds that extra peice of security.