http://qs321.pair.com?node_id=296820


in reply to Ecrypting passwords

 As has already been mentioned you can use MD5 for turning your passwords into unrecoverable strings inside your database.

 If you do this you read the password from the user, apply the MD5 function and compare the result with that in your database, this is fast, easy and very standard.

 However it suffers from two "drawbacks":

 The first point may not be a big deal to you, I guess it depends upon the nature of your site.

 The second point might be an issue if you have lots of forgetful users. In practise if you include a function for "resetting" your users passwords and mailing them a new one that will probably suffice.

Steve
---
steve.org.uk