June 25th, 2000, 07:07 PM
What is the best way to store and retrieve encrypted passwords in mySQL with Perl DBI?
To store password -->
When setting the value in the query add the password() statement to the value...ie
$query = "INSERT INTO yourtable (yourfield, otherfields) VALUES (password('$yourfield'), $otherfields)"
To retrieve password -->
There is no way to retrieve an encrypted password from the MySQL database (that I'm aware of..)
To check that a password entered matches a password in the database you can encrypt the entered password and check that string against the encrypted password in the table.
See "MySQL password verification" posting in Perl Forum......
Hope that helps some.......
Hi Deviant, thanks for responding. This is somewhat what I'm looking for, one thing that I'd like to do though is allow users who have forgotten their password have to have it automatically emailed to them when they submit a "Lost password" form (why I would like to be able to decrypt the password) .... do you know how so many other sites are able to do this? (including this forum, for example)
I have solved this problem by entering password in two different fields as follows.
$query = "INSERT INTO yourtable (yourfield, otherfields, yourfield_1) VALUES (password('$yourfield'), $otherfields, yourfield_1)";
password('$yourfield') will be checked for user password and in case if user forgot his password "yourfield_1" will be mailed to him.
I do not know whether this correct. Tell me if there is any better way.