C.1. Storing Passwords
You should never store cleartext passwords in a database. Instead, store the hash of the password, and use a salt for best results:
<?php
/* $password contains the password. */
$salt = 'SHIFLETT';
$password_hash = md5($salt . md5($password . $salt));
/* Store password hash. */
?>
When you want to determine whether a user has provided the correct password, hash the provided password using the same technique, and compare the hashes:
<?php
$salt = 'SHIFLETT';
$password_hash = md5($salt . md5($_POST['password'] . $salt));
/* Compare password hashes. */
?>
If the hashes are identical, you are reasonably assured that the passwords are also identical.
Using this technique, it is not possible to remind users what their passwords are. When a user forgets her password, you instead let her create a new one, and you store the hash of the new password in the database. Of course, you want to be very careful to identify the user correctly: password-reminder mechanisms are frequent targets of attack and a common source of security vulnerabilities.
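As an added example (not the book's code), the store, verify and reset steps above carried through end to end in PHP 7 or later, with a constructed in-memory array standing in for the database table: the same salted construction, but with a random per-user salt from random_bytes() and a comparison via hash_equals().

```php
<?php
/* Added example, not the book's code: the salted-hash scheme above with a
 * random per-user salt, a constant-time comparison, and the reset flow the
 * text describes. $users is a constructed in-memory stand-in for the table. */

/* Hash a password with the given salt, using the same construction as above. */
function hash_password($password, $salt) {
    return md5($salt . md5($password . $salt));
}

/* Store a new password: a fresh salt per user means two users with the same
 * password get different hashes; salt and hash are kept side by side. */
function store_password(array &$users, $username, $password) {
    $salt = bin2hex(random_bytes(16)); /* 32 hex characters, unique per user */
    $users[$username] = array(
        'salt' => $salt,
        'hash' => hash_password($password, $salt),
    );
}

/* Verify a login attempt: rehash with the stored salt and compare with
 * hash_equals(), which does not leak how many leading bytes matched. */
function verify_password(array $users, $username, $password) {
    if (!isset($users[$username])) {
        return false;
    }
    $row = $users[$username];
    return hash_equals($row['hash'], hash_password($password, $row['salt']));
}

/* Forgotten password: the old one cannot be recovered from the hash, so a
 * new one replaces it once the user has been identified (that step is
 * outside this example). */
function reset_password(array &$users, $username, $new_password) {
    store_password($users, $username, $new_password);
}

$users = array();
store_password($users, 'alice', 'correct horse');
var_dump(verify_password($users, 'alice', 'correct horse'));
var_dump(verify_password($users, 'alice', 'wrong guess'));
reset_password($users, 'alice', 'new passphrase');
var_dump(verify_password($users, 'alice', 'correct horse'));
var_dump(verify_password($users, 'alice', 'new passphrase'));
?>
```

For new code, PHP's built-in password_hash() and password_verify() (PHP 5.5 and later) apply a slow, salted algorithm such as bcrypt and are preferable to a hand-built MD5 construction.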