And the good Lord saw that clear was bad and gave us ssh... If you care that much build an ssh tunnel to the db server and talk over that.
-----Original Message----- From: Jason Wong [mailto:[EMAIL PROTECTED] Sent: 20 December 2004 17:29 To: php-general@lists.php.net Subject: Re: [PHP] Using encrypted passwords On Tuesday 21 December 2004 00:03, symbulos partners wrote: > is it possible to use encrypted passwords in php files, for connecting > to a database? > > We do not like too much the idea of the password being in clear text. > > Example > $link = mysql_connect('localhost', 'mysql_user', 'mysql_password'); > > 'mysql_password' should be encrypted Why? It's not going to offer any protection. If I know your encrypted password and am able to access your database using it there is no reason for me to know what your cleartext password is. In other words if I am able to read the file containing your password (whether encrypted or cleartext) then I can access your database. ________________________________________________________________________ This message has been checked for all known viruses by the CitC Virus Scanning Service powered by SkyLabs. For further information visit http://www.citc.it ___ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php