Question on Mcrypt And MD5!

bigray

What's better to use MCRYPT or MD5?
How would you use both of them for a login, what's better?
Thanks...
Can you show me a example or a site that has both examples of how to use them..

bretticus

I'm not terribly familiar with MCRYPT, however, at a quick glance these appear to be two-way encryption algorithm functions. MD5, on the other hand, is a one-way algorithm (and consequently a function in PHP). One-way encryption algorithms are known as hashing, or taking a given amount of text and converting it into a set-length amount unique cyphertext that cannot be reversed.

MD5 hashing is a good technique to use for storing passwords in your database for example. You can use the built-in MD5 function in MySQL to hash the username (optionally more fields), with the real password to store a one-way encrypted value. Then upon login, you would re-hash this information and compare the results. If they are the same, the user can be authenticated.

Tell me specifically what you're trying to do so I can be more specific in answers.

bigray

Make a advanced login

laserlight

You probably have to define 'advanced'.

Do you mean advanced as in having many features, or advanced as in secure?

bigray

secure.
WIth forgot password and stuff.

Shrike

Hashing and a retrieve password facility do not go well together, unless you generate the password for each user rather than let them pick it themselves, since MD5 is by design a one-way encryption.

Before you go about making a login 'secure and stuff' I recommend that you have a good read on this forum and other PHP sites, to find out what 'and stuff' actually is 🙂