如何在php中加密和解密密码 [英] How to encrypt and decrypt password in php

问题描述

请问

如何在php代码中加密密码？

然后如何在加密后对其进行decflty？


感谢

解决方案

为此，您需要编写自己的加密算法。

系统提供的函数sha_1和md5是un -decryptable"。

这一切都是有道理的，因为如果有公开可用的加密和解密函数会使它们相当无用。

PHP'' ■OpenSSL接口拥有加密/解密/散列甚至是一个非常棒的RNG所需的一切。


参见php.net/openssl

基本上......对密码进行md5加密..


但是50％的世界密码都是密码，所以在进行频率分析时可以猜出密码。（虽然它需要一些工作）。


所以你最好添加一些盐（随机字符串每个用户的密码为16个字符或8个字符。


现在md5密码和盐然后根据数据库进行验证。


因此，即使各种用户的密码相同，你的盐（每个用户都是唯一的）也会使密码不同。（因此基本上没有相同的数据库模式）。


用于验证


从用户那里获取密码，并为他的用户名取盐。

对他们两人做md5并检查数据库。

展开 | 选择 | Wrap | 行号

can i ask
how to encrypt an password in php code?
then how to decrpty it after encrypt?

thanks

解决方案

To do this you need to write your own encrypting algorithm.
The system supplied functions sha_1 and md5 are "un-decryptable".
This all makes sense really because if there were publicly available functions that encrypted and decrypted it would make them fairly useless.

The PHP''s OpenSSL interface has everything you may ever want from encryption/decryption/hashing and even an awsome RNG.

See php.net/openssl

Basically... Do md5 on the password for encryption..

But 50% of worlds password are "password", so doing on the frequency analysis one can guess the password.(Though it require some work).

So you better to add some salt(string of random characters 16characters or 8 characters) for password of each user.

So now md5 the password and salt and then validate it against database.

So even if the passwords for various users are same your salt(unique for each user) make the passwords different.(So no same patterns in the database basically).

For validating

Take password from user and for his username fetch the salt.
do md5 on both of them and check against the database.

Expand|Select|Wrap|Line Numbers

这篇关于如何在php中加密和解密密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！