Results 1 to 8 of 8
  1. #1
    Join Date
    Sep 2005
    Posts
    74

    Unanswered: Encrypt password field

    hello guys! i have a question hope you'll help me..how can i encrypt the data that is stored in my password field everytime i insert value to it and decrypt it if i want to retrieve it? thanks in advance!!

  2. #2
    Join Date
    Jul 2005
    Location
    jakarta
    Posts
    21
    I dont think you can in simple SQL. BUT some vendors (like Oracle) provide with functions specifically for that. E.g If you use Oracle 10g, you can use the Encrypt function, dbms_crypto...etc.

    if you do use oracle 10g, here is a good link for that:



    Mysql has a far simpler and equally powerful Encrypt function. just check out the manual if you do use Mysql.

    or here is the link:

    http://dev.mysql.com/doc/refman/5.0/...functions.html

    good luck

  3. #3
    Join Date
    Jul 2005
    Location
    jakarta
    Posts
    21
    Im sorry, somehow the link didnt show up. Here it is if you use 10g:

    http://www.oracle.com/technology/pub...n_encrypt.html

  4. #4
    Join Date
    Apr 2002
    Location
    Toronto, Canada
    Posts
    20,002
    daimous, looking at all your other posts, i'm going to guess that you are using microsoft sql server, and therefore move this thread to that forum
    rudy.ca | @rudydotca
    Buy my SitePoint book: Simply SQL

  5. #5
    Join Date
    Feb 2004
    Location
    One Flump in One Place
    Posts
    14,912
    .... in which case this will probably interest you

    http://www.dbforums.com/showthread.php?t=1217730
    Testimonial:
    pootle flump
    ur codings are working excelent.

  6. #6
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    Provided Answers: 1
    Quote Originally Posted by daimous
    hello guys! i have a question hope you'll help me..how can i encrypt the data that is stored in my password field everytime i insert value to it and decrypt it if i want to retrieve it? thanks in advance!!
    If you are decrypting passwords, you don't understand how they are supposed to be used. Passwords should not need to be decrypted.
    If it's not practically useful, then it's practically useless.

    blindman
    www.chess.com: "sqlblindman"
    www.LobsterShot.blogspot.com

  7. #7
    Join Date
    Sep 2005
    Posts
    74
    i need to decrypt my password from my database since i encrypted it before storing it to my database, in the first place. So before i can get the "REAL" password i need to decrypt it..right? well anyway, can i get some more inputs..

  8. #8
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    Provided Answers: 1
    Quote Originally Posted by daimous
    i need to decrypt my password from my database since i encrypted it before storing it to my database, in the first place. So before i can get the "REAL" password i need to decrypt it..right?
    Wrong.

    You encrypt your password using some algorithm and store the results in the database.
    When your user logs in with a password, thier password is encrypted using the same algorithm. If the results match what is stored in the database, the user's login is verified.

    You can write a sproc to encrypt the submitted password and return success or failure after comparing to the stored encryption string.

    Thus there is no need to decrypt passwords.
    If it's not practically useful, then it's practically useless.

    blindman
    www.chess.com: "sqlblindman"
    www.LobsterShot.blogspot.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •