How to encrypt passwords in table

pablogosse

Hi all. I've got a table which holds user information for a CMS I'm developing, and I'm looking into how to encrypt the passwords in this table such that they couldn't be interpreted if someone were to gain access to the table.

The database is PostgreSQL by the way.

I've never had to deal with anything like this before and am kind of confused.

Would I create some kind of stored procedure or function in the database that would perform the encryption/decryption for me? Or somethign similar to this idea?

Can anyone offer advice here?

Thanks,
Pablo

sid

you could either use a PHP encryption first and store them then (check www.php.net) - OR store it like this:

INSERT INTO tablename (password) VALUES (MD5($password));

im not positive if the syntax is 100% correct for mysql - but i think it works

[deleted]

usually, I use a self-defined founction and the base64encode() to encrypt the most important things.

I heard that you can't decrypt the strings encrypted by md5,but I am not certain.you can learn something from mysql itself,it stores password in mysql->user with password() ones.

[deleted]

"usually, I use a self-defined founction and the base64encode() to encrypt the most important things."

well that takes a hacker at least an extra 5 minutes to break 🙂

"I heard that you can't decrypt the strings encrypted by md5,but I am not certain."

Indeed you cannot, and that is what makes md5 perfect for passwords.

The idea of 'encrypting' passwords is that a hacker who breaks into your database cannot read the passwords (asif a hacker who gets into your DB would still need them...). But if you really encrypt, that means you use a key to encrypt and you need the same key to decrypt, and that means you must store that key somewhere on the server where PHP can find it. And surely any who can get into your database will have little problems getting into your PHP scripts too, so encryption is not safe enough.

MD5() is irreversable, you can only break it through brute-force (trial and error), and with a password of 16 characters that will take you a few years.

The only drawback is that you cannot get the user's password back when he or she reports to have forgotten the password. But that's ok, you can just issue a new password and send it to their email adres. That is also more secure because the people who forget passwords tend to also be the ones who write it down on a piece of paper in their top drawer, so a password change is always a good thing.

sid

i agree 100% and suggest "applied cryprography" by bruce schneier for people who are interested in more about this topic.

ozzythaman

what you are looking for is md5, the passwords will be encrypted and no one can see what the password is, not even you... one way encryption...

md5(pass) -> store in db

then when someone enters password:

md5(pass) == md5indb ?
yes: correct pass
no: not correct

niyogi

My general strategy is to use md5 to encrypt passwords. if the user forgets the password, he can supply his e-mail address to have a new one generated and sent to the e-mail address.

To strengthen this further you can have a secret question/answer combination added in so that passwords aren't just generated by supplying the e-mail address but with the secret question answered as well.

-niyogi
pghoster.com
postgresql hosting

michael

I tend to disagree.

According to the RSA, MD5 can be insecure. It rounds the bits up to an even number.

There are a certain number of permutations in the MD5 hash. In short, it can be unhashed to a set of possible passwords.

You should use SHA-1 instead of MD5.

Documentation:
- http://www.mysql.com/doc/en/Miscellaneous_functions.html
- http://www.faqs.org/rfcs/rfc3174.html Calculates an SHA1 160 bit checksum for the string, as described in RFC 3174 (Secure Hash Algorithm).

PS: MD5 and SHA is not "one-way encryption" it is a HASH. It's a facsimlie of the password. Like a fax-document. It is a digitally-correct representation of the password as it was at/of the time of creation.

I hope this helps to make your system safe from me. =)

niyogi

Considering this is a PostgreSQL topic, where is the SHA encryption scheme?

-niyogi

michael

I have not scanned the PGRE manual for the function.

If it does not exist, write your own.

Remember, Security = 1 / 1.072 * Convienance.

Thus, the more secure your system ,the more miserable you and your users will tend to be.

(Source; Unix System Adinistration Handbook, ISBN 0-13-020601-6)