[thelist] Re: best way to check for valid user/password in PHP

Seb seb at members.evolt.org
Thu Jan 9 22:52:01 CST 2003


<snip summary="much info about creating and storing MD5 hashes of passwords
and comparing them" />

If you create an MD5 hash of a password and store it, then you might as
well have just stored the password in plain-text, because it's not the
PASSWORD that you're using any more, it's the MD5 hash. Which means
although your application does the conversion from plain-text to MD5, your
database doesn't care. If your DB is also used for things like FTP access,
etc, then you're opening up yourself to a lot of trouble.

Always, always use your database's built-in functionality for creating
passwords or encrypted fields, unless you know you can do better. (Can you,
really?) These functions really are one-way encrypted. This means that once
you put the plain-text in, you can never know what it is unless you can
brute-force it. The encrypted value is entirely useless, the database will
not recognise it if you use it for anything.

Another extremely important point is that very few databases use MD5
because it's increasingly becoming prone to attack. There are huge
databases of pre-computed MD5 dictionaries that cover enormous combinations
of characters. Pretty much every value you could use for a password has
already been calculated, and it's the task of only a few minutes to look up
the encrypted value and find the plain-text equivalent.

Remember, you can't just write security into an application with a one-line
check. Build it in from the ground up. Securing input is pointless if your
storage is insecure.

- seb

--
seb can be found at http://poked.org
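An added example (not from the original post) in PHP, illustrating the two points above: a stored unsalted MD5 can be matched against a precomputed table, whereas a salted one-way hash produced by password_hash() (PHP 5.5+, so not available when this was written) cannot. The word list and the sample password are constructed.

```php
<?php
// Added example, not code from the original post. All values are constructed.

// A tiny stand-in for the "huge databases of pre-computed MD5 dictionaries"
// the post mentions: md5(candidate) => candidate, built from a short word list.
function build_md5_table(array $candidates): array {
    $table = [];
    foreach ($candidates as $word) {
        $table[md5($word)] = $word;
    }
    return $table;
}

// Audit check: does a stored unsalted MD5 appear in the precomputed table?
// Returns the matching plaintext, or null when the table has no entry.
function audit_stored_md5(string $storedHash, array $table): ?string {
    return $table[$storedHash] ?? null;
}

$wordlist = ['letmein', 'password', 'qwerty', 'hunter2'];
$table    = build_md5_table($wordlist);

// What the critiqued scheme stores: the bare MD5 of the user's password.
// Because md5() has no salt, the same password always yields the same
// value, so one lookup in the table maps it straight back to the plaintext.
$storedMd5 = md5('hunter2');
var_dump(audit_stored_md5($storedMd5, $table));   // the plaintext is found

// Salted, iterated one-way hash. The salt is random per call, so two users
// with the same password get different stored values and no fixed table can
// map a stored value back; checking a login must go through password_verify().
$storedHash = password_hash('hunter2', PASSWORD_DEFAULT);
var_dump($storedHash === password_hash('hunter2', PASSWORD_DEFAULT)); // differs
var_dump(password_verify('hunter2', $storedHash));   // correct password
var_dump(password_verify('hunter3', $storedHash));   // wrong password

// Comparing md5($input) === $storedMd5 at login is what turns the stored
// hash itself into the credential, which is the post's first point; the
// one-way check above is the alternative it argues for.
```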
