> DB. Storing
> them in this manner leaves them vulnerable to anyone who ends up with
> access to that database. You may or may not consider the data in your
> web app important to your user, but most users will attempt to use a
> password they use in a lot of other places, possibly including banking
> or other sites. IMHO, it's really part of a programmer's responsibility
> to the internet community to make sure user information is kept secure,
> particularly passwords.
>
> A good alternative to storing passwords in plain text is to hash (MD5)
> the password using hash(). You can rehash and compare passwords on
> login to authenticate users, without needing the password stored in
> plaintext.
>
Certainly storing hashes is better than passwords. However, you can't
reverse hashes, which means that if someone forgets their password you
can't figure it out for them. For some web applications that is a
problem although I think offering to reset the password provides the
same benefit, which can be easily done with hashes since you would
generate the new password for the user.

With the above being said, if you must be able to provide passwords to
your users if they lose them, then you simply cannot use hashes. Some
would say that using a form of reversible encryption would be better
than storing the password in plain-text, but that is not true. Anyone
who is capable of getting a copy of your database is just as capable of
getting a copy of your application. And if someone has your application
then they can use it to decrypt the password since that functionality
is built right in. Which, mind you, is why it is equally worthless to
use reversible encryption on any information in your database anyway,
e.g. credit cards.

You could use encryption with a private and a public key. In the application
you always re-encrypt the password and compare the encrypted string. And in
certain cases someone from another system can use the private key to extract
the password.
This would be the best of both worlds, provided the private key isn't stored
on the webserver.
Jesse
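An added example (not code from this thread, and in Python rather than PHP) of the store / rehash-and-compare / reset flow the messages above describe. It uses a per-user salted PBKDF2-HMAC-SHA256 hash in place of the bare MD5 the quoted message suggests, and the `users` dict is a constructed stand-in for the database table.

```python
import hashlib
import hmac
import os
import secrets
from typing import Optional

# Work factor for PBKDF2; raise it as hardware gets faster.
ITERATIONS = 200_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'iterations$salt_hex$digest_hex' with a fresh random salt.

    Because the salt differs per user, two users with the same password get
    different stored strings, unlike an unsalted MD5 of the password.
    """
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Login check: rehash the attempt with the stored salt and compare.

    compare_digest avoids leaking how many leading bytes matched via timing.
    """
    iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


def reset_password(users: dict, username: str) -> str:
    """Forgotten password: the old hash cannot be reversed, so generate a new
    password, store only its hash, and hand the plaintext to the user once."""
    new_password = secrets.token_urlsafe(12)
    users[username] = hash_password(new_password)
    return new_password  # delivered out of band; never written to the DB


# Constructed user table: username -> stored hash string.
users = {
    "alice": hash_password("correct horse"),
    "bob": hash_password("correct horse"),
}

if __name__ == "__main__":
    print("alice login ok:", verify_password("correct horse", users["alice"]))
    print("same password, different rows:", users["alice"] != users["bob"])
    print("alice's new password:", reset_password(users, "alice"))
```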