• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Saving Hashed Passwords in my database.php

#1
Looking for a way to store hashed passwords for my DB Connections in database.php file instead of plaintext.

Please let me know any examples.

Thanks,
Ashish
Reply

#2
Why? If somebody has access to your file system, they can investigate and find your DB credentials no matter where you put them, and no matter how you store them.
Reply

#3
I never did it but I believe that you can use Encryption Library.

But anyway, your encryption key will remain on the server. An attacker able to enter your server will surely be able to decode your passwords. The processing time will also increase due to having to decrypt the password every time you access the database. Maybe it's better to use a more reliable hosting.
Reply

#4
(06-19-2017, 08:35 AM)skunkbad Wrote: Why? If somebody has access to your file system, they can investigate and find your DB credentials no matter where you put them, and no matter how you store them.

Yeah I got your point but my employer doesn't want it to be saved as plain text. Hence, i was searching for the same.

Thanks for the Reply !
Reply

#5
(06-19-2017, 03:08 PM)natanfelles Wrote: I never did it but I believe that you can use Encryption Library.

But anyway, your encryption key will remain on the server. An attacker able to enter your server will surely be able to decode your passwords. The processing time will also increase due to having to decrypt the password every time you access the database. Maybe it's better to use a more reliable hosting.


Thanks Mate. But Searching for otherways.
I will use this if i have no other Options Smile
Reply

#6
https://defuse.ca/php-pbkdf2.htm

I adapted this class and put it in libraries. Easy to use!
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.