The best way to encrypt and decrypt passwords is to use a standard library in PHP because the method of properly encrypting and decrypting passwords from scratch is complex and involves multiple possibilities of security vulnerabilities. Using the standard library ensures that the hashing implementation is verified and trusted.
Note: This uses the PHP Password API available in version 5.5.0 and above.
Encryption of the password: To generate a hash from the string, we use the password_hash[] function.
Syntax:
string password_hash[string $password, mixed $algo, [array $options]]
The password_hash[] function creates a new password hash of the string using one of the available hashing algorithm. It returns the hash that is currently 60 character long, however, as new and stronger algorithms will be added to PHP, the length of the hash may increase. It is therefore recommended to allocate 255 characters for the column that may be used to store the hash in database.
The following algorithms are currently supported when using this function:
- PASSWORD_DEFAULT
- PASSWORD_BCRYPT
- PASSWORD_ARGON2I
- PASSWORD_ARGON2ID
Additional options can be passed to this function can be used to set the cost of encryption, the salt to be used during hashing, etc in the $options array.
The below example shows the method of using the password_hash[] method:
Example:
php
Output:
Generated hash: $2y$10$7rLSvRVyTQORapkDOqmkhetjF6H9lJHngr4hJMSM2lHObJbW5EQh6
Decryption of the password: To decrypt a password hash and retrieve the original string, we use the password_verify[] function.
Syntax:
bool password_verify[string $password, string $hash]
The password_verify[] function verifies that the given hash matches the given password, generated by the password_hash[] function. It returns true if the password and hash match, or false otherwise.
php
Output:
Password Verified!
PHP is a server-side scripting language designed specifically for web development. You can learn PHP from the ground up by following this PHP Tutorial and PHP Examples.
You don't encrypt passwords, you hash them.
The point is, that you don't actually need the users password, you just need to know that they know it.
As an example, an absolutely terrible way to do that might be a simple count: e.g.
if the users password was 'horse123', you might store that as 8
. Then you just count the letters in the password, and if it's 8
, you know it's right.
That means that you never need to know the actual password.
Clearly that's awful, as there are many passwords with 8 characters! We need something with less 'collisions'.
Instead, we use one way hash functions. The most common way to do this is to use an MD5 hash. [it's not the best, but it's simple to explain]. For how to actually do this, look at //www.openwall.com/phpass/.
For the short and sweet version:
Get the users password, and do something like:
$pass = md5['somerandomtextthatyouknow'.$_POST['password']];
then, store that in your DB.
When they log in, you do the same again, and check that the hash in your DB.
This way, you never need to know the actual passwords, the passwords can be as long as you like, and if your database is stolen, the hashes are not useful to anyone [because we added in that random text].
So, now you understand that, read:
//www.openwall.com/phpass/
and absolutely read up on SQL injection and SQL prepared statements, else this is all a bit pointless!