如何将密码安全地存储在MySQL中并通过外部服务进行身份验证 [英] How can I store password securely in MySQL and authenticate to external services
问题描述
当前,我有一个PHP脚本,可通过IMAP连接到邮件服务器,并将新的电子邮件解析为MySQL.连接到邮件服务器的凭据使用纯文本存储在MySQL中,有什么办法可以加密存储在MySQL中的密码?
Currently I have a PHP script that connect to a mail server via IMAP and parse new emails to MySQL. credentials to connect to the mail server are stored in MySQL using plain text, is there a way I can encrypt the password that is stored in MySQL?
推荐答案
MySQL supports a AES_ENCRYPT() function. You can encrypt as you INSERT it to the database, and decrypt it as you SELECT it back out.
阅读我链接的文档以获取示例.
Read the documentation I linked to for examples.
然后,当您使用纯文本密码imap_open()时,请确保使用端口993与IMAP服务器进行TLS加密连接.
Then make sure you use port 993 for a TLS encrypted connection to the IMAP server when you imap_open() with the plaintext password.
这篇关于如何将密码安全地存储在MySQL中并通过外部服务进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!