The potential problem with a firewall is that your web server must be able to connect to the database. That means if someone gets sloppy in the PHP code or just doesn't realize something is a security issue, OR there is an exploit found for Apache or PHP, the attacker can get access to your server without ever being blocked by the firewall.

I see your point as well; however, if you are going to bother to encrypt the passwords, why not use a more secure method? If passwords are already encrypted in the database it is trivial to write a tool to decrypt them, convert them to an MD5 hash and update the passwords. Forcing the user to change passwords is a good idea; however, I would still use a hash instead of reversible encryption because it is easy to implement and increases security transparently to the users, and I can think of no good reason to need to know what the users' passwords are (keeps system administrators as well as attackers honest).

This is not hostile, I just come from a system admin background and believe in making an application more secure if it doesn't affect the end user adversely :)

Jason

-----Original Message-----
From: Scott Fletcher [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 09, 2002 2:48 PM
To: 'SHEETS,JASON (HP-Boise,ex1)'; Scott Fletcher; [EMAIL PROTECTED]
Subject: RE: [PHP] Encrypting passwords in a flat file before import

Hi!

I don't see yours in the PHP newsgroup. I understand what you meant and I don't have a problem with it. Problem is the password had to be changed at every 5th login. We have SSL features for the duration of the login period. So, the encrypt and decrypt will do fine and only the server will do that, not the end-user or their software. The login prompt becomes unavailable if the SSL connection is invalid. We also have a firewall, so cracking the database gets harder.

-----Original Message-----
From: SHEETS,JASON (HP-Boise,ex1) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 09, 2002 4:35 PM
To: 'Scott Fletcher'; [EMAIL PROTECTED]
Subject: RE: [PHP] Encrypting passwords in a flat file before import

Storing passwords in MD5 or another hash is an excellent idea because it is generally not possible to decrypt them (if the user uses a bad password they can be brute forced, but you can only do so much).
By storing passwords in MD5 you protect your users' passwords; if your database gets cracked their passwords are still relatively secure. You generally should not use a reversible encryption technique to store something like user passwords, the reason being that in order to decrypt the passwords you must store the encryption key in your code. When someone gets access to your code (which they will, or at least you must assume they will), all they have to do is look in your code for your encryption key; after that, decrypting your users' passwords is trivial. The worst thing is most users use the same password for almost everything, which means that many of their other accounts are now compromised and they may not even know it. It can be argued the user should use a more secure password and not use the same one in many places; however, the user is a being of convenience and is unlikely to remember more than one password anyway :)

In short, this has probably been covered thousands of times on this list, but I did not want a newer user to make the mistake of using an insecure method of storing passwords, either putting them in the DB in plain text or using a reversible encryption technique that is equally insecure because of the implementation.

Jason Sheets, CCNA, MCSE

-----Original Message-----
From: Scott Fletcher [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 09, 2002 2:24 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Encrypting passwords in a flat file before import

I was comparing it to what I was thinking about. Like if the field in the table (database) has a username and password. Then you encrypt it with features like this, then how can it be decrypted if I had like a thousand user accounts? It was just a thought in my mind. Now, based on your responses and feedback, it seems that md5() is such a bad idea and instead, using the mcrypt function would help.

"Marco Tabini" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> I think that generally you do not want passwords to be decryptable. What
> I normally do is try to encrypt whatever the user enters as a password
> and compare the resulting encrypted string with what's in the database
> to make sure they correspond. If the encrypting function is univocal
> (and md5 is) then the correct password will always return the same
> encrypted string.
>
> On Wed, 2002-10-09 at 16:06, Scott Fletcher wrote:
> > Can it be de-encrypted??? I don't see how since you just use the function
> > md5().
> >
> > "Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > If you don't need the file to be changed to contain md5 encrypted
> > > passwords use *fgetcsv()* to read the contents,
> > > then use *md5()* on the password and insert it into database using
> > > mysql_query. No need to write a new file.
> > >
> > > Verdon Vaillancourt wrote:
> > >
> > > >Hi,
> > > >
> > > >I hope this question isn't too basic...
> > > >
> > > >I have a flat file (CSV) that I want to import into a mySQL db via
> > > >phpMyAdmin. The file has about 1200 rows and is in a format like:
> > > >"value","value","password","value","value","etc"
> > > >The passwords are in clear text. I need them to be encrypted in md5.
> > > >
> > > >Is there any advice out there as to how I could process this flat-file
> > > >before I import into my db or after the fact?
> > > >
> > > >Thanks, verdon
> > > >Ps. Please cc me if replying to list as I am on digest mode
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
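The import and login flow the thread describes (fgetcsv() over the flat file, md5() on the password column, hash-what-the-user-typed-and-compare at login), written out as an added example; it is not code from any of the posters. It assumes PHP 7.4 or later, a constructed two-row CSV standing in for the 1200-row file, the password in column index 2 as in Verdon's layout, a PDO connection `$pdo` that already exists, and table/column names that are placeholders. It also runs the same import through password_hash()/password_verify(), which goes beyond the 2002 thread: an unsalted md5() is fast to brute-force and yields identical hashes for identical passwords, whereas bcrypt salts each hash and is deliberately slow.

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for the flat file (not from the thread).
// Layout follows the question: "value","value","password","value","value"
const SAMPLE_CSV = <<<CSV
"alice","Alice Example","hunter2","alice@example.com","x"
"bob","Bob Example","hunter2","bob@example.com","y"
CSV;

const PASSWORD_COLUMN = 2; // assumption: third field is the clear-text password

/**
 * Read CSV text and replace the password column in every row with $hasher(password).
 * $hasher is any callable(string): string, so the same routine serves both the
 * md5() form the thread discusses and a password_hash() form.
 *
 * @return array<int, array<int, string>>
 */
function hash_csv_rows(string $csvText, callable $hasher): array
{
    $rows = [];
    $fp = fopen('php://memory', 'r+');
    fwrite($fp, $csvText);
    rewind($fp);
    // Explicit separator/enclosure/escape so the call behaves the same on PHP 7.4 through 8.4.
    while (($fields = fgetcsv($fp, 0, ',', '"', '')) !== false) {
        if ($fields === [null]) {          // fgetcsv returns [null] for a blank line
            continue;
        }
        if (!isset($fields[PASSWORD_COLUMN])) {
            throw new RuntimeException('row is missing the password column');
        }
        $fields[PASSWORD_COLUMN] = $hasher($fields[PASSWORD_COLUMN]);
        $rows[] = $fields;
    }
    fclose($fp);
    return $rows;
}

/** Login check as Marco described it: hash the candidate, compare with the stored md5. */
function check_md5_login(string $storedMd5, string $candidate): bool
{
    // hash_equals avoids a timing side channel in the string comparison.
    return hash_equals($storedMd5, md5($candidate));
}

/**
 * Insert the transformed rows with a prepared statement (placeholders, not string-built SQL).
 * $pdo is assumed to be an existing PDO connection; table and column names are placeholders.
 */
function insert_rows(PDO $pdo, array $rows): void
{
    $stmt = $pdo->prepare(
        'INSERT INTO users (username, display_name, password_hash, email, extra) VALUES (?, ?, ?, ?, ?)'
    );
    foreach ($rows as $row) {
        $stmt->execute($row);
    }
}

// 1. What the thread recommends: unsalted md5() on the password column.
$md5Rows = hash_csv_rows(SAMPLE_CSV, 'md5');

// 2. Same import with bcrypt. password_hash embeds a random salt and the cost factor
//    in its output; password_verify reads them back out, so no extra columns are needed.
$bcryptRows = hash_csv_rows(
    SAMPLE_CSV,
    fn(string $p): string => password_hash($p, PASSWORD_BCRYPT)
);

// Local checks, no database required.
$checks = [
    'md5 login accepts the right password'   => check_md5_login($md5Rows[0][PASSWORD_COLUMN], 'hunter2'),
    'md5 login rejects a wrong password'     => !check_md5_login($md5Rows[0][PASSWORD_COLUMN], 'wrong'),
    // alice and bob share a password: with md5 that is visible in the table, with bcrypt it is not.
    'md5 leaks shared passwords'             => $md5Rows[0][PASSWORD_COLUMN] === $md5Rows[1][PASSWORD_COLUMN],
    'bcrypt hides shared passwords'          => $bcryptRows[0][PASSWORD_COLUMN] !== $bcryptRows[1][PASSWORD_COLUMN],
    'bcrypt login accepts the right password' => password_verify('hunter2', $bcryptRows[0][PASSWORD_COLUMN]),
    'bcrypt login rejects a wrong password'  => !password_verify('wrong', $bcryptRows[0][PASSWORD_COLUMN]),
];
foreach ($checks as $label => $ok) {
    echo str_pad($label, 42), $ok ? 'ok' : 'FAIL', PHP_EOL;
}
```

To use it against the real file, replace SAMPLE_CSV with `file_get_contents('users.csv')`, pick the hasher, and pass the rows to insert_rows() with your connection; the CSV itself is never rewritten, matching Marek's point that no new file is needed. If the md5 form is kept for compatibility, the login path should still be wrapped in hash_equals() as above, and the stored column can be migrated to password_hash() transparently on each user's next successful login.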