用户标识和密码的加密 [英] encryption of user id and password

问题描述

我需要登录用户名和密码的加密帮助，并且还想知道(登录后)如何限制未经授权的用户打开其他页面，然后在浏览器上分别输入url.

I need help of encryption of user id and password for login , and also want to know(after login) how restrict unauthorized users to open other pages diractly typing url on browser.

推荐答案

您好，

您可以使用MD5或SHA算法对用户名和密码进行加密.我认为在数据库中存储加密信息没有问题.您可能唯一的问题是如何检索身份验证信息.对吧?

加密用户名和密码时，您可能需要考虑一些事项
这不会完成(如果用户名，密码已加密)
1)当用户忘记密码时，将密码发送到用户的电子邮件中.唯一的方法是更改​​密码.
2)无法从电子邮件地址检索用户名.

因此，我建议您仅加密密码并保留用户名不变.因此，将来您可以从电子邮件地址中检索用户名.

在检查身份验证时，您不需要解密密码，而是需要对输入的密码进行加密，并将用户输入中的加密密码与数据库现有条目进行比较.

希望它对您有用.

Hi,

You can use MD5 or SHA algorithm to encrypt your Username and password. I think there is no issue of storing encrypted information in the database. The only issue you may have is how can you retrieve the authentication information. Right ?

When you are encrypting Username and password Some of the things you may need to consider
This will not done (if Username,Password is encrypted)
1) Sending password to User''s email when he forgot his password. The only way is to change the password.
2) Retrieve username from email address will not possible.

So, i suggest you to just encrypt password and leave username as it is. So in future you can retrieve username from email address.

At the time of checking authentication, you do not need to decrypt the password instead you need to encrypt entered password and compare encrypted password from user input with the database existing entry.

Hope it will work for you.

这篇关于用户标识和密码的加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！