md5 for user password authentication?
9 posts
• Page 1 of 1
md5 for user password authentication?I've enabled the user authentication feature, but I don't want my users' passwords stored in the mysql database as plaintext. Is there a way to enable md5 password storage for user authentication?
In the users table fields.ini file. If your password column is named 'password', you would have:
First, I want to say that Xataface is great! Thanks! md5? Is that safe enough? Is it possible to use AES encryption? AES_ENCRYPT() and AES_DECRYPT() "can be considered the most cryptographically secure encryption functions currently available in MySQL" according to the Mysql documentation. Thanks in advance!
Currently only md5, password, sha1, and encrypt are supported.
At your suggestion I have added aes_encrypt to my dev version to be in the next major release. It is easy to add. In the Dataface/Serializer.php file, you'll find a section:
Just add another case for aes_entrypt as follows:
Note then you would have in your fields.ini file:
And you would need to specify a password in your conf.ini file:
-Steve
Thank you very much Steve!!! I'll will try this as soon as possible!
I forgot to note that I also added the line:
in the snippets above.
Where exactly shall I add that line? Once again, Thank you!
9 posts
• Page 1 of 1
Who is onlineUsers browsing this forum: No registered users and 22 guests |