Re: [PHP] encrypting passwords etc..

Thu, 17 Jan 2002 12:22:48 -0800 

"security is measured by the weakest link in the chain"

so I would say that the database needs to be well protected and
the password encrypted.

py


At 12:14 PM 1/17/2002 -0800, you wrote:
>We had a client who wanted us to encrypt their
>passwords. Our argument was that maybe their database
>is not well protected. Only the dba and the
>application should have access to the database.
>No-one else should be able to view their data anyways.
>We didn't see any need to encrypt the passwords.
>
>Any thoughts...
>
>
>
>--- Hawk <[EMAIL PROTECTED]> wrote:
> > Ok I got it working now, with the update and
> > database connect etc.. thanks
> > guys :)
> > this is not a problem(yet), more a thought.. is it
> > really necesary to
> > encrypt passwords, I mean, what does it prevent, me
> > from seeing them using
> > mysql.exe ? :p
> > I tried and it worked fine to almost all points..
> > worked with the user info
> > update and so on.. but I seem to do something wrong
> > and can't log back on
> > since I encrypted the password... :p
> > I used UPDATE users SET
> > password=password('$password') but by some reason I
> > can't seem to decrypt it on the login page.. any
> > help would again be
> > appreciated.. :)
> >
> > Hawk
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail:
> > [EMAIL PROTECTED]
> > For additional commands, e-mail:
> > [EMAIL PROTECTED]
> > To contact the list administrators, e-mail:
> > [EMAIL PROTECTED]
> >
>
>
>=====
>Anas Mughal
>[EMAIL PROTECTED]
>[EMAIL PROTECTED]
>Tel: 973-249-6665
>
>__________________________________________________
>Do You Yahoo!?
>Send FREE video emails in Yahoo! Mail!
>http://promo.yahoo.com/videomail/
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to