Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

mySQL md5 encryption or encryption with a salt?


  • Please log in to reply
3 replies to this topic

#1 g2gsr93

g2gsr93

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:27 AM

Posted 29 June 2010 - 09:16 AM

I was just curious as to which is more common practice. Is it safer to use the md5 encryption, or to use the ENCRYPT() function with a developer only known salt?

BC AdBot (Login to Remove)

 


#2 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:11:27 PM

Posted 30 June 2010 - 02:34 PM

md5 is not encryption algorithm, it is just a hashing algorithm. So md5 is never used for encryption/decryption routines :thumbsup:

Edited by Romeo29, 30 June 2010 - 02:36 PM.


#3 KamakaZ

KamakaZ

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:03:27 PM

Posted 30 June 2010 - 05:43 PM

In the past I have used md5 to 'encrypt' passwords in databases so they are not plain text. On the other hand I have the PHP Mcrypt function. When it comes down to it I think it's developers choice, whatever you feel more comfortable using.

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


#4 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:12:27 AM

Posted 30 June 2010 - 09:47 PM

Sorry to butt in, but I don't know if this matters, but if working with the command prompt, then I find it easier to use the create user statement right from there and that encrypts the password already for you.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users