MySQL Forums

Re: AES Encrypt
Posted by: Mike Jorgenstam
Date: March 25, 2010 05:16PM

I would recommend you never store passwords in reverse modes (allowing reverse lookups).

Instead, store passwords using the same principles as everyone else and use a hash, for example SHA2, which is more than enough.

Two reasons.
a: If the user forgets his password, are you sure he is the user?
Have a way to reset passwords instead by identifying the user.

b: There is never a need for a server admin to ask for a user's password.
If he does, are you sure he is the admin and has access to the server?


PS I do believe you meant DES or AES encryption.



Edited 1 time(s). Last edit at 03/25/2010 05:07PM by Mike Jorgenstam.


