Member Avatar for Vincentas

Hi there,

I just came to find out, storing a password in a plain text is a bad idea IF that password is only used for re-sending it?

Let me put it this way, people register in your site, you can keep one hased password, lets say by md5() or sha1() or bcrypt, which will only be used to authenticate and log in user, the other one can be stored in the form of plain text, not this plain text will only be used to resend, it will not be used to login/ or provide access to anything, but it seems a bad idea, as I have been told. Is there any reason for this?

  • 3 Contributors
  • 2 Replies
  • 163 Views
  • 18 Minutes Discussion Span
  • Latest Post Latest Post by cereal

Recommended Answers

All 2 Replies

Member Avatar for JorgeM

If you store the password in plain text, I am not sure that there is a point in storing the hash value. If the DB is compromised, or packets captured during the email "resend", the passwords are vulnerable.

Member Avatar for cereal

Also, if you want to resend passwords then create a new one automatically, or use AES_ENCRYPT / AES_DECRYPT in MySQL, change the password field to text or blob as in this example:

CREATE TABLE `users_test` (
`id` int(9) NOT NULL AUTO_INCREMENT,
`username` varchar(255) NOT NULL,
`password` blob NOT NULL,
`password_hash` varchar(40) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8

And then try:

INSERT INTO users_test (username, password, password_hash) VALUES ('username',AES_ENCRYPT('my_password','hash'),sha1('my_password'));

If you go to perform a normal select you get:

select * from users_test;
+----+----------+------------------+------------------------------------------+
| id | username | password         | password_hash                            |
+----+----------+------------------+------------------------------------------+
|  1 | username | <F8><E9><?<F4>^L<8B>^Y<9A><84><8C>4\<8D><AA>^B          | 5eb942810a75ebc850972a89285d570d484c89c4 |
+----+----------+------------------+------------------------------------------+

But if you use AES_DECRYPT:

select id, username, AES_DECRYPT(password,'hash') as password, password_hash from users_test;

+----+----------+-------------+------------------------------------------+
| id | username | password    | password_hash                            |
+----+----------+-------------+------------------------------------------+
|  1 | username | my_password | 5eb942810a75ebc850972a89285d570d484c89c4 |
+----+----------+-------------+------------------------------------------+

You get the correct value. So, this is a safer solution than plain text:

https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-encrypt

bye!

Edited by cereal
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.