Click here to Skip to main content
13,295,218 members (69,484 online)
Rate this:
Please Sign up or sign in to vote.
See more:
I am developing a website where the user need to register. After registration he can got some facility extra.

at the time of registration only the user will provide their email id and password.

Is it mandatory to encrypt the password in mysql.
If i am not doing so, then what can happen?

if it is mandatory then suggest me the way.
Posted 21-Sep-12 6:43am
Updated 21-Sep-12 6:44am
Rate this: bad
Please Sign up or sign in to vote.

Solution 2

Go through Why encrypt user passwords?[^].

It is not mandatory, but encrypted passwords will help the website to be free from Password cracking[^].

And Encrypting passwords with mySQL/PHP[^] will help you find different methods to do in PHP/mySQL.

Sourav Sarkar-SS 21-Sep-12 12:15pm
ok thanks
Peter Leow 2-Mar-14 0:36am
Very comprehensive answer, +5.
Tadit Dash 2-Mar-14 10:37am
Thanks Peter. :)
Rate this: bad
Please Sign up or sign in to vote.

Solution 1

Well my friend, It is not mandatory but is safe approach to do so....... You can search php reference to find out the ways to do so. I had designed a website wherein I simply generated the md5 hash of the password supplied by the user and this way whenever I received the password entered by user at the time of login, I simply generated it's md5 hash and then, compare it with the hash already stored in the database. i guess it as simple as well as reliable method but I cannot say anything about applying it in the real world application as mine was only a test website that I created only for learning...

Hope it can help you.

Tushar Srivastava
Sourav Sarkar-SS 21-Sep-12 11:54am
its not sufficient.
I need yes/no answer of my question.
then why?
Tushar Sriv 21-Sep-12 11:59am
You only need answer in either Yes/No?
Well then I will certainly say YES...
And the reason for this is, that there are many dangerous guys out there who always tries to peep into your security and if they succeed, then they will get the list of all the users with the passwords as well, it can be dangerous for users of your website as well as for you :-( So, it's mandatory to use Encryption in real world application.
Sourav Sarkar-SS 21-Sep-12 12:15pm
ok thanks
Tushar Sriv 21-Sep-12 12:16pm
It's all right :-)
Rate this: bad
Please Sign up or sign in to vote.

Solution 3

its not necessary to encrypt password but notice that not to put password in cookies or links and also not to show the password even to the owner , use password type only.

but its better to encrypt to safe the user info.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy |
Web02 | 2.8.171207.1 | Last Updated 1 Mar 2014
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100