can some one knows

12/02/2010 07:19 marlyandedsel#1
my password in my pserver is

password: 1041978372005
in my mysql it is ???? ??T??}?OB

if i'm going to create register page
and register the password which is

password: hello
in my mysql it is hello

how to convert it like the above or something like that..

thanks in advance ....
12/02/2010 09:16 pro4never#2
Sounds like your source is using encrypted passwords in the database.

You can do one of three things.

#1: Encrypt the password before adding it to the database. Requires decent knowledge of php or use an existing register script that has it

#2: Don't enter a password to the database and simply set it on user first login (check if db password blank and then set it to the encrypted password received from the client)

#3: Don't encrypt database passwords. Do this through decrypting the password before checking it vs database password.


Simple stuff really.
12/02/2010 09:22 marlyandedsel#3
Quote:
Originally Posted by pro4never View Post
Sounds like your source is using encrypted passwords in the database.

You can do one of three things.

#1: Encrypt the password before adding it to the database. Requires decent knowledge of php or use an existing register script that has it

#2: Don't enter a password to the database and simply set it on user first login (check if db password blank and then set it to the encrypted password received from the client)

#3: Don't encrypt database passwords. Do this through decrypting the password before checking it vs database password.


Simple stuff really.

i will try your advice
12/02/2010 15:16 Basser#4
Quote:
Originally Posted by pro4never View Post
Sounds like your source is using encrypted passwords in the database.

You can do one of three things.

#1: Encrypt the password before adding it to the database. Requires decent knowledge of php or use an existing register script that has it

#2: Don't enter a password to the database and simply set it on user first login (check if db password blank and then set it to the encrypted password received from the client)

#3: Don't encrypt database passwords. Do this through decrypting the password before checking it vs database password.


Simple stuff really.
Easy? Maybe if you take the crypto from some public source, but if you don't, it won't be that easy. Except for method 2, which since the new password cryptography was added is a very bad method.
12/02/2010 15:18 JobvdH#5
Quote:
Originally Posted by Basser View Post
Easy? Maybe if you take the crypto from some public source, but if you don't, it won't be that easy. Except for method 2, which since the new password cryptography was added is a very bad method.
Uhh yes maybe easy for him, but for some "Dummy Coders" its hard..
12/03/2010 01:08 pro4never#6
Quote:
Originally Posted by Basser View Post
Easy? Maybe if you take the crypto from some public source, but if you don't, it won't be that easy. Except for method 2, which since the new password cryptography was added is a very bad method.
Yes, I'm hopeless with php so method 1 is kind hard.

Method 2 is easy to do but not a good way of doing things.


#3 is easy but depends on how secure your db is... personally I have no issue with it but that's just me.
12/03/2010 16:56 marlyandedsel#7
Quote:
Originally Posted by JobvdH View Post
Uhh yes maybe easy for him, but for some "Dummy Coders" its hard..
yes method 2 is bad things... I am looking at the auth.. or what you called it.. in the source understanding how the password setting up in the database.... hmm.. kinda hard but still im on it now trying to understand...