Password Storage without login mechanism

Sitepoint community,

I am starting to get into PHP Development (I am a beginner who has some university programming course experience ‘C and some Java’). Lately I have been wanting to build my own DVD Web Application which stores what titles you currently have in your collection and where they are located in the racks. The dilemma I face is how to best store the Password as there is no need for user login mechanism as the web application is going to be local to a standalone machine anyway (I know that there’s not much need for implementing security I just want to learn how to implement a good level of security so that I can add the experience in doing so to the belt ‘so to speak’).

The platform I am using is Apache 2 with PHP 5.3.x and MySQL

My problem is that since there is no login mechanism (I think) that I will have to have the MySQL password for a non-root user stored in a PHP file but this worries me (even if I use a crypt function to hash it if the hashed password is stored in mysql wouldn’t writing it down in a PHP file be as bad as storing it in Plain Text? Is this incorrect thinking or is there a better way of storing passwords without login mechanisms?



I have done a little homework and have found this resource which I have just started to read; just thought I’d post it here if others have the same desire to learn about password hashing as I did:


2005 is a little dated now but hopefully it will give me the basics.

Even better I’ve found an info page on the same website with a potential solution to my concerns: Exposed Access Credentials