Password Encryption Method? : PASSWORD() versus md5?

StackOverflow https://stackoverflow.com/questions/7967734

  •  18-02-2021
  •  | 
  •  

Question

Just wondering if there are pros and cons to methods of password encryption... Typically, I'll use php and encrypt a password using md5 before inserting a new user into the database. I inherited a project recently and they use PASSWORD() in the sql insertion query to encrypt it. So, now I'm wondering if there's advantages to using one over the other?

Was it helpful?

Solution

See the MySQL docs for PASSWORD:

The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA2() instead. Also see RFC 2195, section 2 (Challenge-Response Authentication Mechanism (CRAM)), for more information about handling passwords and authentication securely in your applications.

Below that note is one very good reason not to rely on that function:

Statements that invoke PASSWORD() may be recorded in server logs or in a history file such as ~/.mysql_history, which means that plaintext passwords may be read by anyone having read access to that information.

Passwords are generally best stored with salted hashes (SHA, etc.). Here's an answer which lists a few useful links about safe password storage.

OTHER TIPS

If someone is sniffing packets and you use PASSWORD, they'd be able to see "INSERT INTO USERS VALUES ('username', PASSWORD('secret'))". I think MySQL also has an MD5 function, but it shouldn't be used for the same reason.

SHA-1 and MD5 have been compromised, and it's recommended that you use SHA-256 with a salt value (possibly based on the username). Salts are basically strings tacked onto a password to help prevent use of rainbow tables to figure out passwords.

Both SHAx and MD5 are not encryption but hashing.

Take a look at the mcrypt library for actual encryption.

http://php.net/manual/en/book.mcrypt.php

EDIT: As pointed out by ircmaxell, passwords should not be encrypted (unless you are building a password manager) but one-way hashed with a random salt value. (ex: SHA1)

If you're doing it with PHP instead of MySQL, PHP recommends against using MD5 for securing passwords:

http://php.net/manual/en/function.md5.php

Instead, use the crypt function:

http://php.net/manual/en/function.crypt.php

To avoid specifying the cleartext password if you know its hash value (the value that PASSWORD() would return for the password), specify the hash value preceded by the keyword PASSWORD:

CREATE USER 'jeffrey'@'localhost'
IDENTIFIED BY PASSWORD '*90E462C37378CED12064BB3388827D2BA3A9B689';

As per wiki:

In 1996, a flaw was found with the design of MD5.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top