0

Hi there,

I just came to find out, storing a password in a plain text is a bad idea IF that password is only used for re-sending it?

Let me put it this way, people register in your site, you can keep one hased password, lets say by md5() or sha1() or bcrypt, which will only be used to authenticate and log in user, the other one can be stored in the form of plain text, not this plain text will only be used to resend, it will not be used to login/ or provide access to anything, but it seems a bad idea, as I have been told. Is there any reason for this?

3
Contributors
2
Replies
7
Views
4 Years
Discussion Span
Last Post by cereal
0

If you store the password in plain text, I am not sure that there is a point in storing the hash value. If the DB is compromised, or packets captured during the email "resend", the passwords are vulnerable.

0

Also, if you want to resend passwords then create a new one automatically, or use AES_ENCRYPT / AES_DECRYPT in MySQL, change the password field to text or blob as in this example:

CREATE TABLE `users_test` (
`id` int(9) NOT NULL AUTO_INCREMENT,
`username` varchar(255) NOT NULL,
`password` blob NOT NULL,
`password_hash` varchar(40) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8

And then try:

INSERT INTO users_test (username, password, password_hash) VALUES ('username',AES_ENCRYPT('my_password','hash'),sha1('my_password'));

If you go to perform a normal select you get:

select * from users_test;
+----+----------+------------------+------------------------------------------+
| id | username | password         | password_hash                            |
+----+----------+------------------+------------------------------------------+
|  1 | username | <F8><E9><?<F4>^L<8B>^Y<9A><84><8C>4\<8D><AA>^B          | 5eb942810a75ebc850972a89285d570d484c89c4 |
+----+----------+------------------+------------------------------------------+

But if you use AES_DECRYPT:

select id, username, AES_DECRYPT(password,'hash') as password, password_hash from users_test;

+----+----------+-------------+------------------------------------------+
| id | username | password    | password_hash                            |
+----+----------+-------------+------------------------------------------+
|  1 | username | my_password | 5eb942810a75ebc850972a89285d570d484c89c4 |
+----+----------+-------------+------------------------------------------+

You get the correct value. So, this is a safer solution than plain text:

https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-encrypt

bye!

Edited by cereal

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.