2 Replies Latest reply: Apr 13, 2012 1:40 AM by Burak Ueda RSS

    How to password encrypt so I never see users passwords

    stuartskeltonuk Community Member

      Hi I have been testing my site (very rough no design yet). I want a site for a lottery syndicate at my work where by members can log in and submit numbers etc.

      All works well except for the password field.

      When i register a user (test case no real users yet) and I go to phpmyadmin I can see exactly what ive filled in for a password. I can then hash it with MD5 or SHA1, this then gives me a 32 or 40 character password, however when I go to log on with the original password it denies me and will only use the "encrypted key". So I am guessing there is code I need to insert in DW CS5 to allow the user to use their original password.

      To me though that would only be a part solution as I would like to hash the users password as soon as they register as I really do not want to see their passwords. I did try blob but that just allowed me to download the passwords as a .bin file.

       

      Please though I am very much wysiwyg, am able to check and edit snippets of code.

      Any help much appreciated. Below in case you need the code.

       

      http://www.stuartskelton.co.uk/register.php

      http://www.stuartskelton.co.uk/login.php

       

      like I said there is no design, i want to get the DB basics working first.

      Thankyou for looking.