|Keep It Simple, Stupid|
Re: Ecrypting passwordsby skx (Parson)
|on Oct 06, 2003 at 00:02 UTC||Need Help??|
As has already been mentioned you can use MD5 for turning your passwords into unrecoverable strings inside your database.
If you do this you read the password from the user, apply the MD5 function and compare the result with that in your database, this is fast, easy and very standard.
However it suffers from two "drawbacks":
The first point may not be a big deal to you, I guess it depends upon the nature of your site.
The second point might be an issue if you have lots of forgetful users. In practise if you include a function for "resetting" your users passwords and mailing them a new one that will probably suffice.