how would that help you anywaySince MD5 is not reversable but is a math algorithem anyway so you could never work back to original data after encoding it.
But with original data and MD5 it you can compare for a match.
In other words what was the point in MD5'ing it in the first place? (since it cannot be decoded to become useful again).
(, Fri 12 Jan 2007, 15:25, archived)
It was some password thing...so instead of storing the raw-text password, I turned it into MD5($password."[some key]") and I encrpyt the password and compaire it on the database.
(
G/PP 💩💩💩💩💩€, Fri 12 Jan 2007, 15:30,
archived)
but wouldn't you be POSTing the data via a form?meaning that even if you did it 20 times, the script would recieve the same data to begin with 20 times
(
SpoonMeiser, Fri 12 Jan 2007, 15:32,
archived)
Nope, it was a simple// check admin stuff
// Get all the userIDs and Passwords
{
// update user with md5($password."[key]")
}
(
G/PP 💩💩💩💩💩€, Fri 12 Jan 2007, 15:34,
archived)
SO.......why not store the original password and just MD5 for the search and compare to ensure secure data transition?
Or as I suggest above, start using a reversable encryptuion like mcrypt (free PHP source).
(, Fri 12 Jan 2007, 15:32, archived)
Because if someone gets into the Database, they would of had everyone's password.You should never store them as raw-text, it was just during a beta-phase.
I've never heard of mcrpt, so I wouldn't of used it.
(
G/PP 💩💩💩💩💩€, Fri 12 Jan 2007, 15:36,
archived)
storing original passwords is a big bad smelly thing to do.md5 the password and store in DB. When comparing passwords you md5 the input, with salt if you like, to the md5 hash in db.
There is *no* reason whatsover to store original passwords, and if anyone got access to your DB, you may well have just screwed over every user.
/securityblog
(
Jenk Neptune is a pedant and now I can't fit my sig in, Fri 12 Jan 2007, 15:36,
archived)