SitePoint Sponsor

User Tag List

Results 1 to 22 of 22
  1. #1
    SitePoint Guru
    Join Date
    Feb 2006
    Location
    Chepstow, South Wales
    Posts
    911
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Encrypt and decrypt a users passwrd

    I am building a system using PHP & MSSQL and I have a part of the CMS that allows the owner to add users to it, and they wont the password encrypted before going into the database.

    What is the best process for this, I have used md5 before but it doesnt seem to be the best way.

    Is it then the case that the person who is being added has the normal password sent to him and its basically matched up with its encrypted self in the database, to allow them to log in correctly.

  2. #2
    SitePoint Enthusiast
    Join Date
    Sep 2008
    Posts
    71
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think many people would agree that sending passwords in plain text to be bad practice.

    Maybe you could try the link approach, similar to the way sites reset passwords.
    You could send this link to the user, and they navigate to it and set up their own password.
    This could even use the same code as the reset password page.

  3. #3
    SitePoint Guru
    Join Date
    Feb 2006
    Location
    Chepstow, South Wales
    Posts
    911
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi craqgerbil,

    OK that sounds like a good idea, but the first bit I would like some advice on to, and that is the password being encrypted when they enter it before it goes into the database.

    What porcess would you use, such as md5 etc, and if you have any opinions on it could you point me towards a script that you think would give me an idea of how to put it together, to encrypt it, and to be able to read it back using md5 or another process.

    Thanks

  4. #4
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,097
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    The process most people use nowadays in PHP is something like this:

    CREATING A NEW USER
    1. Users enters new password
    2. In PHP, generate a random string, called a salt
    3. In PHP, concatenate the user's password and the salt
    4. In PHP, apply sha1 (or some other hashing, like in phpass)
    5. Store the result of the hash function of step 4 and the salt generated in step 2 in the database

    LOGGING IN
    1. Users enters credentials (usually username/email and password combination)
    2. Find the user in the database using username
    3. Get the salt you stored with the user
    4. Concatenate the password the user entered in step 1 and the salt obtained in step 3
    5. Take the sha1 of the result obtained in point 4
    6. If the result of the sha1 in step 5 matches the password entered by the user, the password is correct

    For more info on salts see http://en.wikipedia.org/wiki/Salt_(cryptography)
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  5. #5
    SitePoint Addict kduv's Avatar
    Join Date
    May 2012
    Location
    Atlanta, GA
    Posts
    244
    Mentioned
    5 Post(s)
    Tagged
    0 Thread(s)
    PHPass is my preferred method for hashing passwords. Hashing functions like MD5 and SHA1 were never designed for password hashing and can be cracked fairly quickly. PHPass uses the mcrypt library, and it also handles all the salting/stretching needed.

  6. #6
    ¬.¬ shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  7. #7
    SitePoint Member
    Join Date
    Sep 2012
    Posts
    8
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i recommend you to use the build in function of mysql AES_ENCRYPT.this is the way how i use it:: AES_ENCRYPT($users_password,$users_password_as_the_key); by using users password as the key, it would be less likely to be cracked.

  8. #8
    ¬.¬ shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by yeyongde View Post
    i recommend you to use the build in function of mysql AES_ENCRYPT.this is the way how i use it:: AES_ENCRYPT($users_password,$users_password_as_the_key); by using users password as the key, it would be less likely to be cracked.
    No it is not. Using a small key like the users password is not a good idea. Encryption is only as strong as the key that is used.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  9. #9
    SitePoint Guru
    Join Date
    Feb 2006
    Location
    Chepstow, South Wales
    Posts
    911
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Morning all,

    Thanks for all the responses, but wondered if someone can post some generic code so I can see it in action, remembering that Im using MSSQL database.

    The story is:

    The woner of this site creates the users from inside the cms, basically they do it and then hand the details out, so this is that page.

    Code:
    $uPassword=$_POST['uPass'];
    
    queryInsert="INSERT INTO x (Password)". 
    "VALUES('$uPassword')";
    So thats the upload bit, very easy I know but just wanted to go through it. The owner then would like the password to be encrypted and sent to the database, and he will then hand write a letter to the new user with his/her new password on.

    Then I have built a separate log in page:

    Code:
    if(isset($_POST['login']))
    	{
    	$tsql = "SELECT * FROM Users where Live_User=1";
    	$stmt = sqlsrv_query($conn, $tsql);
    
    	if( $stmt === false )
    	{
    	echo "Error in executing query.</br>";
    	die( print_r( sqlsrv_errors(), true));
    	}
    while($data = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC))
    		{
    // 	extract($data);
    	$username=$_POST['txtuser']; 
    	$password=$_POST['txtpass']; 
    	if ($username==$data['Username']  && $password==$data['Password'])
    	{
    		$error1="correct";
    }
    }
    }
    I understand the code for the salt encryption is pretty simple, but if someone could give me a start I be very grateful

  10. #10
    Non-Member
    Join Date
    Sep 2012
    Location
    Sweden
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Maybe this will be useful too..

    //function to encrypt the string
    function encryptPass($str)
    {
    for($i=0; $i<12;$i++)
    {
    $str=strrev(base64_encode($str)); //apply base64 first and then reverse the string
    }
    return $str;
    }

    //function to decrypt the string
    function decryptPass($str)
    {
    for($i=0; $i<12;$i++)
    {
    $str=base64_decode(strrev($str)); //apply base64 first and then reverse the string
    }
    return $str;
    }
    ////

  11. #11
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,748
    Mentioned
    73 Post(s)
    Tagged
    0 Thread(s)
    You should never need to decrypt the password. Ever.

    Encrypt input and use it as a comparison; don't decode your password to compare.
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  12. #12
    ¬.¬ shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by euro-space View Post
    Maybe this will be useful too..

    //function to encrypt the string
    function encryptPass($str)
    {
    for($i=0; $i<12;$i++)
    {
    $str=strrev(base64_encode($str)); //apply base64 first and then reverse the string
    }
    return $str;
    }

    //function to decrypt the string
    function decryptPass($str)
    {
    for($i=0; $i<12;$i++)
    {
    $str=base64_decode(strrev($str)); //apply base64 first and then reverse the string
    }
    return $str;
    }
    ////
    That is....very very very poor...don't even joke about using that.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  13. #13
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,863
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Encrypting passwords is rather pointless since anyone who gains access to the encrypted passwords will generally also have access to the decryption code that they can then run to decrypt them all.

    A better alsternative is to hash the passwirds using something like SHA256 or SHA512 so that there is no decryption routine that can be run.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  14. #14
    SitePoint Member
    Join Date
    Sep 2012
    Posts
    8
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i dont think so. by doing this, the key is changing always. because the hacker can somehow hack into the web server and see the php script. even hackers get database access, they still have no idea with how to crack password as every password is encrypted differently. that makes a hacker more work to do.

  15. #15
    ¬.¬ shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by yeyongde View Post
    i dont think so. by doing this, the key is changing always. because the hacker can somehow hack into the web server and see the php script. even hackers get database access, they still have no idea with how to crack password as every password is encrypted differently. that makes a hacker more work to do.
    Clearly you never looked up brute force. It would take only minutes these days to brute force passwords.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  16. #16
    SitePoint Member
    Join Date
    Sep 2012
    Posts
    8
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by logic_earth View Post
    Clearly you never looked up brute force. It would take only minutes these days to brute force passwords.
    yes, i looked at brute force which is a method of trying all possible keys. but in my method, every user has different password and so every account has different keys. that s a huge project to crack all the user password in the database. if you use other methods which only use one key, would make hackers easier to crack.

    Thank you for your replying

  17. #17
    ¬.¬ shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by yeyongde View Post
    yes, i looked at brute force which is a method of trying all possible keys. but in my method, every user has different password and so every account has different keys. that s a huge project to crack all the user password in the database. if you use other methods which only use one key, would make hackers easier to crack.

    Thank you for your replying
    Just stop, it doesn't matter if every user has a different key, to create a brute force against this is very easy todo. Not only that but creating a rainbow table is also possible.

    As I have stated previously, encryption is only as strong as the key that is used. You are not using a strong key.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  18. #18
    SitePoint Guru
    Join Date
    Feb 2006
    Location
    Chepstow, South Wales
    Posts
    911
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks guys, will look into it and give it a go.

    Have used md5 before, but think I need to look into a more secure way of handling things.

  19. #19
    SitePoint Wizard bronze trophy Jeff Mott's Avatar
    Join Date
    Jul 2009
    Posts
    1,313
    Mentioned
    19 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by yeyongde View Post
    i recommend you to use the build in function of mysql AES_ENCRYPT.this is the way how i use it:: AES_ENCRYPT($users_password,$users_password_as_the_key); by using users password as the key, it would be less likely to be cracked.
    It's an interesting idea, but ultimately no different than a regular hash function. The user's password is the input, and a random, irreversible* string is the output.

    * Strictly speaking, it is reversible, but only if you already know the original input string.
    "First make it work. Then make it better."

  20. #20
    SitePoint Wizard bronze trophy Jeff Mott's Avatar
    Join Date
    Jul 2009
    Posts
    1,313
    Mentioned
    19 Post(s)
    Tagged
    1 Thread(s)
    If I could "+1" or "upvote" replies, I'd vote for ScallioXTX's reply.
    "First make it work. Then make it better."

  21. #21
    SitePoint Member
    Join Date
    Sep 2012
    Posts
    8
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yeap, i agree with ScallioXTX's reply as well. sounds like the best solution here.

  22. #22
    Non-Member
    Join Date
    Sep 2012
    Location
    Sweden
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by logic_earth View Post
    That is....very very very poor...don't even joke about using that.

    Yes, it's a very simple base64 example, just showing the logic


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •