Welcome Guest, Not a member yet? Register   Sign In
Verifying an md5 password against plain text?
#15

[eluser]jedd[/eluser]
Cheese,

You can also streamline the logic a touch - and instead do something like this in your model:

Code:
SELECT
    *
FROM
    user
WHERE
    name = $name_from_form
AND
    password = md5($password_from_form)

By making the encrypted or hashed version of the password one of the criteria for selection, you never retrieve the user's details UNLESS they've entered the right credentials. It's the same performance as retrieving the row and then comparing the password field to your encrypted password - but seems to me to give less away to any ne'er-do-wells. It also reduces your code size slightly by amalgamating the 'wrong password' with 'user name not found' errors into one.


Messages In This Thread
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 03:00 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 03:21 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 03:52 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 03:56 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 04:02 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 04:04 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 04:04 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 04:05 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 04:13 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 04:44 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 06:58 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 07:47 PM
Verifying an md5 password against plain text? - by El Forum - 11-05-2009, 08:07 PM
Verifying an md5 password against plain text? - by El Forum - 11-06-2009, 04:00 AM
Verifying an md5 password against plain text? - by El Forum - 11-06-2009, 04:05 AM



Theme © iAndrew 2016 - Forum software by © MyBB