Password Encoding

The_Chancer

Just a little code snippet for you....

Creates a rather nice password string that can be included in a database.
Slightly better than using an MD5 hash, which can't be decrypted, and as the 50string key is randomly created each time, fairly difficult to crack.

Anyway - have a look, if you have any comments, please feel free to let rip.

<?php
ini_set("display_errors",0); //stop warning about IV not being set
$varchars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!£$%^&*()_+-={}[]:@~;#<>?,./';
if (version_compare(phpversion(), "4.2.0", "<"))
{
	mt_srand(make_seed());
}
function make_seed() {
    list($usec, $sec) = explode(' ', microtime());
    return (float) $sec + ((float) $usec * 100000);
}
//check for version - no need to seed the random number if 4.2.0 or greater
function make_key($varchars)
{
$keyphrase = '';
while (strlen($keyphrase) < 50) // if less than 50 chars - keep adding
{$keyphrase .= substr($varchars, (mt_rand()%strlen($varchars)), 1);} // add random letters etc from the string above
return $keyphrase;
}
$keys = htmlentities(make_key($varchars));
$pass="This pass is now encrypted";
$encrypt= mcrypt_ecb( MCRYPT_CAST_256, $keys, $pass, MCRYPT_ENCRYPT, 64); 
$decryptedValue= mcrypt_ecb( MCRYPT_CAST_256, $keys, $encrypt, MCRYPT_DECRYPT, 64 ); 
echo "Key: ".$keys."<br>\n";
echo "Encrypted Password: ".base64_encode($encrypt)."<br>\n";
echo "Decrypted password: ".trim($decryptedValue)."<br>";
?>

laserlight

will need to compile PHP with mcrypt library though, methinks.

The_Chancer

Ahh - that is very true - I did that first....