By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,318 Members | 2,116 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,318 IT Pros & Developers. It's quick & easy.

how to encrypt password in MySQL database?

100+
P: 170
hi guys,
i would like to ask thing son encryption of data
presently i'm setting up a mysql database to store usernames and password for authentication

is there ways i can encrypt the column passwords even to the database administrator? i know of MD5 but how do i actually go about doing it?
May 12 '08 #1
Share this Question
Share on Google+
5 Replies


Atli
Expert 5K+
P: 5,058
Hi.

There is a simple way to do that by using either the MD5 or SHA1 hashing functions. The essentially do the same thing, but the SHA1 function creates a longer hash, which makes it more secure.

Just do something like this:
Expand|Select|Wrap|Line Numbers
  1. INSERT INTO myUserTbl(UserName, Password) 
  2. VALUES('myUserName', SHA1('myPassword'));
  3.  
And then, when it comes to validating the password you can do something like:
Expand|Select|Wrap|Line Numbers
  1. SELECT UserID FROM myUserTbl 
  2. WHERE UserName = 'myUserName'
  3. AND Password = SHA1('myPassword');
  4.  
This way, nobody can read any of the passwords, not even with full access to your database.
May 12 '08 #2

100+
P: 170
Hi.

There is a simple way to do that by using either the MD5 or SHA1 hashing functions. The essentially do the same thing, but the SHA1 function creates a longer hash, which makes it more secure.

Just do something like this:
Expand|Select|Wrap|Line Numbers
  1. INSERT INTO myUserTbl(UserName, Password) 
  2. VALUES('myUserName', SHA1('myPassword'));
  3.  
And then, when it comes to validating the password you can do something like:
Expand|Select|Wrap|Line Numbers
  1. SELECT UserID FROM myUserTbl 
  2. WHERE UserName = 'myUserName'
  3. AND Password = SHA1('MyPassword');
  4.  
This way, nobody can read any of the passwords, not even with full access to your database.
hi,
hm..with respect to yr validation part
i realise when i printed this SQL statement on mysql client
it returns me an empty set
so i'm not sure if that really works
May 27 '08 #3

Atli
Expert 5K+
P: 5,058
hi,
hm..with respect to yr validation part
i realise when i printed this SQL statement on mysql client
it returns me an empty set
so i'm not sure if that really works
It does work. I've used this method on several projects myself.

If you are using the exact code I posted tho, the problem may be that I misspelled the second password. It should start with a lowercase 'm'.

I've corrected the typo in my old post.
May 27 '08 #4

100+
P: 170
It does work. I've used this method on several projects myself.

If you are using the exact code I posted tho, the problem may be that I misspelled the second password. It should start with a lowercase 'm'.

I've corrected the typo in my old post.
opps alright i know the problem
i declare the my length for my password in my password field too short
that's why the verifying ran into problems
thanks anyway atli
May 28 '08 #5

P: 1
Thanks Atli, it really works.I have tried it.You're just GR8 !!!
Apr 24 '12 #6

Post your reply

Sign in to post your reply or Sign up for a free account.