This question already has answers here:
Closed 11 years ago.
Possible Duplicates:
I Have md5 encrypted password, how to give the password to user when he uses “Forgot password”?
PHP:How to send the original password to the user when he clicks forgot password which is encrypted by using md5?
I do not know is it the right way to ask this question but I am implementing my own membership script in PHP and right now, I am stuck with the retrieving the MD5 codes from database. OK, I insert the user info to the database and because of the security issues I encrypted the password before saving it to database but my question is that when I try to create a forget your password stuff, how can I get the unencrypted password from the database. By the way I use MySQL and my question is not about inserting or retrieving data from database, I only ask how can I reverse the MD5 thing. Thanks in advance!
You can't. MD5 hashes, or hashes in general, are not reversible. That's exactly the reason why you're using them in the first place to store passwords, because you do not want the responsibility of knowing the actual password.
Forgot password functionality is implemented by sending an email to the user with a one-time link he has to click on and letting him enter a new password.
MD5 was intended to be one-way, but it's now thoroughly insecure. If you're actually serious about having any measure of security, rather than just going through the motions, you have some reading to do:
http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html
SHA512 vs. Blowfish and Bcrypt
http://codahale.com/how-to-safely-store-a-password/
Actually you don't get the password back ever again,
You hash the password entered and compare to the has in your database, thats how it works :) good luck
MD5 is a one-way hash so reversing it wont work.
How you do it is performa comparison against what is stored for example:
SQL for entering the user:
INSERT INTO `users` (`username`, `password`) VALUES ('$username', MD5('$password'));
This will mean that the password is stored as a hash.
When someone tries to log in you do the same thing but in a select statement:
SELECT * FROM `users` WHERE `username` = '$username' AND `password` = MD5('$password');
If there's a result, then the user is authenticated, if there's more than 1 result, then you have fun :)
For the forgot password bit, you are better to set up a chain where the user's are emailed a code and a link. Where they can enter that code on the "password reset" page as well as a new password.
HTH
There are various ways to deal with forgotten passwords, but figuring out the original password from an MD5 hash isn't really one of them.
For the record, however, you really shouldn't be using MD5 for this (or much of anything else related to security). MD5 is pretty badly broken -- unless there's absolutely no choice in the matter, switch to something else (oh, but you should also know that SHA-1 is only a little better than MD5).
Related
I am training to secure the login process.
I have used sha 256 in the sign_up.php:
$username= check_input($_POST['username']);
$password= check_input($_POST['password']);
//the password is encrypted in sha256
$secure_sign_up_password = hash('sha256', $password);
and then of course in my users table in my SQL database, I can read:
in the column 'login' the actual typed login
example: if somebody type 'michael', I will see 'Michael' in the SQL database
in the column 'password' the actual typed login
example: if somebody type 'fruit', I will see the hashed value like 'e8bfab56c53980cd014206c8da2f8c9b9708eaacc61' in the SQL database
My question is simple but maybe a bit naive (I'm a newbie): I thought that I could still be able to read the actual password somewhere in my database and that hashing was only made to protect the password from getting intercepted and read while it was being sent. I never know, somebody might ask me to send him his real password. But the only thing I can see is the 'hashed' one in the password column.
Is it made to be like this?
Is it possible to visualize also the real password?
If you would be able to "decode" those passwords, it wouldn't be a very safe system. Once someone gained access to your database - they would be able to gain access to every ones passwords without them knowing...
If you have ever forgotten a password for a site (and we all have - don't deny it!), you'll recall that they usually* don't simply send you your password (in plain text) as a reminder to your email - they'll give you the opportunity to reset it. This way (verifying usually through your email/phone number) they'll know that you are indeed the person who opened the account.
* If they send you your password in plain text that probably means they are storing it like that or in some other easily decrypted form. This site is most likely not as secure as they would like to think...
If you are interested in leaving yourself a "backdoor" of sorts to be able to access any of your users accounts, what you might think of doing is having a special login form from inside your administrator account, that allows you to use the encoded password to log in. That means that you simply leave out the hash('sha256', $password) and pass the $password already encoded (which you extract from your database). It's a bit hacky, and if you already have an administrator account then there wouldn't be much use to be able to log in as a different user because you are already all powerful!
This is by design. Nobody should know what my password is, except for me. Even you as a (insert fancy title here) should not know my password. If I forget it, that's my problem, but your site should offer me a way to reset it. Then when I reset, your site should store the hash once again. The plain-text password should never be stored anywhere.
Never never never hold password in open format in database. If someone find exploit in system, he will be able to make any sql query and get users passwords. And hacker will be able to login into system as user, because he knows username and password
If user want restore password, make functionality for regenerating password. Never store password in plain text.
SHA256 is hash function. Mathematically it means - data can be "hashed" only in one way. I mean, that from hash you cannot restore data. You can read this http://en.wikipedia.org/wiki/Hash_function about hash functions and this about http://en.wikipedia.org/wiki/Sha256 sha256
Result: If someone crack you database and get username and password, he is unable to login into system. Because hacker have only hash data and can't get exactly password for login.
As i mentioned before, hash function can be "hash" data only in one way. But some hackers build VERY big data massive for some predefined algorithms. I mean, that they build hash tables for passwords. Such hash tables looks something like this:
password hash
------------------
a some_hash1
b some_hash2
... .....
qwerty some_hash3
some_data some_hash3 -- yes, data can have collisions. See wiki about hash functions
And if hacker hacked you database and have such table, he able to restore password. For example, hacker get for admin user hash "some_hash3", then hacker search such hash in hash table, find that hash "some_hash3" have password "qwerty" and "some_data" and hacker will try to login with such passwords.
Result: Use salt. For nowadays hackers have such tables for 6 symbols passwords. But you can "suck" them in very simple technic: When you store password in database, add to password some value (salt) and get from such value hash:
// somewhere in code, where creating/updating users password
$password = hash('sha256', $salt.$password);
and when you will check password, use the same logic
Thanks
sha256 hashes and other hashes are one way. See http://en.wikipedia.org/wiki/Cryptographic_hash_function. If you want to be able to decrypt what you write in the password fields in your database, you might want to use another approach.
Instead of creating a hash, you could encrypt with a key, that you do not share with your users. Look at http://www.php.net/manual/en/book.mcrypt.php. The key would be part of your code though, as it's symmetric encryption.
To do it really safe, try real PKI encryption (encrypt with a public key, decrypt with a private one). Look at php.net/manual/en/function.gnupg-encrypt.php or php.net/manual/en/book.openssl.php.
But as other here have said, such things are reasonably NOT done ;)
Hi guys recently I started using
$salt = $uniqueSalt;
$cryptpassword = md5($salt.$password);
How would I convert all password in my mysql database with this so it doesnt affect the users?
the passwords in my database atm are in plain text, I want to convert all the plain text passwords to md5 with the salt
I recommend you read more about salts and how to use them. They should not be a constant string, but something unique to each user. For example username. Or my personal favorite: registration date (with the precision of 1 second, of course).
Also, if you store the passwords in your DB as MD5 hashes, there's no way to convert the passwords. MD5 is one way hashing, you can't obtain the original passwords in order to apply the salt and rehash. If you absolutely want to apply this, then the only way you can do this is force each user to change his password and apply the new algorithm when they do. There are 2 problems with this:
most users are not going to like this
you must keep track of which user made the change and which didn't. This is to prevent problems when logging in.
just like this, but you have to change your login, so you dont check for their password but for md5($salt.$password);
but as my forposters said, its not much securer and if the password isnt already plain in your database you probably wont get it as plain text if it has been hashed
I'm making a registration form, my only doubt is how to handle passwords (how to insert them into MySQL database). I don't have the slightest idea on how to do it, what type of column must Passwords be, whether I must encrypt them somehow, etc. Could you provide a basic example with explanation so that I manage to do it?
You don't want to store the password as-is in plaintext. You don't even want to be able to know what the password is. Therefore, you store a hash of the password in your database. When the user wants to log in, you hash the password he's trying to login with, then compare that to the hash in the database. Any serious password storage system furthermore salts the hash to prevent rainbow table attacks against the password (google that). Since this is a rather complex topic and you apparently have no experience with it at all, I recommend you use phpass to hash and salt your passwords without worrying about the implementation details. The phpass site also has some good introductory articles about the topic. Here's another one that keeps it really simple.
As for the database, that'll just be a normal VARCHAR field long enough to hold the hash.
Read this: http://codahale.com/how-to-safely-store-a-password/
Then do this: http://www.openwall.com/phpass/
You should not store password, password hash only.
Database type should be choose after you will choose hasfunction.
For md5/sha512 it will be char(32) if you will keep hex representation
Query is something like this:
"INSERT INTO users SET otherFields,pass_hash='".hashFunc($_POST['password']."';
where hashFunc generates hash ex
function hashFunc($pass){
$salt='something';
md5($salt . $pass);
}
The only way to safely secure a password is using a Moore's Law-defeating hash function. Use bcrypt!
One of the ways it can be done is by using md5. You convert the password to md5 and put it in the database (md5 encryption is one-way) when the user logs in again you convert the filled in password again and check if the converted password is somewhere to be found in your database (in combination with a username usually).
EDIT
You can make a string into an md5 string with this:
$converted_pass = md5($unconverted_pass);
However you will need to add a so called salt-key to the password before you encrypt it with md5. This is a set of letters/numbers etc. If you do this every time you will have the same result but it will be quite safe :)
I have a very basic logon system, that authenticates users by the means of a user table in a mysql database with php.
can someone explain what the point of hashing passwords it, how to do it with php, and what is actually stored in the database.
Thanks
can someone explain what the point of
hashing passwords it,
The point of hashing passwords is for security purposes. If inserted as plain text, anyone that gets into your database will now have all of your users passwords. Another huge problem that stems with this is that it more than likely compromises the user everywhere, not just your site, as most people tend to use the same password everywhere.
how to do it
with php, and what is actually stored
in the database.
To use it in PHP you simply take a string, in this example $password = 'password'; and use the command sha1();. This will return something like d0be2dc421be4fcd0172e5afceea3970e2f3d940. It is also good practice to 'salt' passwords with your php script, so that the PHP script login script is required to successfully log in. Example:
<?php
$salt1 = '2348SDasdf!^*__';
$salt2 = '_a35j#*#(lsdf_';
$password = sha1($salt1.$_POST['password'].$salt2); // d0be2dc421be4fcd0172e5afceea3970e2f3d940
?>
Then insert $password into your database. Upon logging in, you would need to salt the password given run it through sha1 in order for it to match the password in the database. You insert it into the database just like any other string, just make sure you have sufficient length granted to the column you're attempting to insert too.
Say someone breaks into your system (or finds a loophole in your sql queries) then you don't want them to know all passwords.
So you hash them before storing them. So you can check if the password is ok, but not deduce the password from the hash.
Unless you use a weak hash. If you would only sha1($password) then you will find putting the hash of often-used passwords into google gives the password in under 0.1 sec.* (but otherwise you could also find rainbow tables for all kinds of hashes)
So you want to add a "salt", that means, you generate some garbage value:
$salt = rand().rand().rand();
and then store
$hash = $salt."-".sha1($salt.$password);
on checking, you know the salt and you can check if the password is right, but knowing the hash and salt makes it still hard to recover the password. (unless you have a rainbow table which includes the salt, of course)
* this needs some explanation: I once took a large user table and found some hashes to appear multiple times. I googled the most-occurring one and it reversed to computer
A hash is a "one-way function". You feed in a password and get an approximately unique output that cannot be (computationally feasibly) converted back into the real password. Depending on the hash, it will look different. For instance, with sha1 (http://php.net/manual/en/function.sha1.php) you will always get a string 20 bytes long.
The benefit is that the real password is never stored in plaintext. To verify the user's password, you just compute the hash on the supposed password and compare it to the stored hash. If somebody gets a hold of your password database, they still don't have the actual passwords.
Noone has said why yet, so let me: most users are idiots and use the same password everywhere. You don't want a hacker to break into your system, grab the passwords then go and hack your users accounts everywhere else.
I am currently using md5 function to encrypt my password and save to mysql db which can not be decrypted.
Now my user want that when they forgot password, they should get same (old) password instead of new password.
So my question is that what should i use to encrypt my password and store in mysql Database.
And i can decrypt that password also.
i am running on php and mysql.
Thanks
Avinash
Don't do that...
First, use something better than md5. Then create a way to "reset" the password, but never a way to actually retreive the password from the db...
That will make your app less secure, but maybe even worse; you and your users will have a problem if your data gets stolen! Someone is going to have a database with usernames and passwords of all your users!
Encrypting instead of hashing means that you have to store the decrypt key, which means reduced security for your app. Reset their password, and send them the new one.
Don't do that, it will compromise your security! The whole idea of one way encryption is that if your database is hacked you won't face the problem that all your users passwords will be known alongside with their email addresses!
how about crypt() or openssl?
It's not safe to do that you better can create a way to reset the password
If you're running an internal private site with no security issues, just store passwords with XOR 0xAD each byte. Otherwise, reset is the only option.
It is not possible to store the password in such a way that it is still recoverable without either
1) storing the decryption key in your code/data (which rather defeats the purpose of hashing/encrypting the password)
2) encrypting the password using public/private key encryption the routing the recovery through som sort of semi-manual process where the password can be recovered.
The simplest solution is to require your users to provide/maintain a current email address and rely on the security of that to provide a new password on request.
C.
create dynamic salts ( 2, one 'permanent' to mix with the password before hashing / crypting, other one dynamic, changing every time user logs in );
$dynamicSalt = '';
for ($i = 0; $i < 8; $i++)
{
$dynamicSalt .= chr(rand(33, 126));
}
never save passwords in any manner that can help you 'decode' them later, it's not up to you to retrieve original password but to let users reset it
If you really need to save the original passwords, create a database account with WRITE permissions only and store it in some other database ( on another server ? ).