MD5 Encrypt

The best way to store passwords is one-way encrypted using MD5 for example. One-way encrypted means that you cannot decrypt the encrypted string to get back to the original string. This is very important. If you users table gets compromised then not all the logins are exposed.

So what if you have a user / pass that you need to login as to test something? Well the username is stored as plaintext so you know that. What I do is MD5 a simple string like 'asdf':

PLAIN TEXT
PHP:
  1. <?php echo md5('asdf'); ?>

Which gives me '912ec803b2ce49e4a541068d495ab570'. So then I copy the old MD5 encrypted password first and save it, then update it with the newly generated one for 'asdf'. Now I can login and test the account. When I am done, I replace the asdf MD5 string with the original that I saved and everything is back to normal.

You can also generate a MD5 hash of s atring using an SQL statement like this:

PLAIN TEXT
SQL:
  1. SELECT md5('asdf')

Either way you get the same result.

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Netvouz
  • DZone
  • Reddit
  • Furl
  • NewsVine
  • Simpy
  • Slashdot
  • Spurl
  • StumbleUpon
  • YahooMyWeb
  • TailRank
Home | MySQL | MD5 Encrypt

You’re currently reading “ MD5 Encrypt ,” an entry on BRADINO

Published:
3.24.07 / 5pm
Category:
MySQL, PHP