«
»

MySQL MD5 User Password


When you have a user’s table in your database it is bad practice to store user passwords within this table in plain text, the problem with this if anyone managed to hack your database or a mischievous employ looks at the table then they will be able to see everyone’s password.

However if we store the passwords using the MD5 Hash Function then it’s impossible to see the password, however all we can do is encrypt the users password and see if it matched the stored MD5 Function, so how do we do this:

Well we enter these commands when adding new users, and checking to see if a user’s password is correct:

Insert new User

INSERT INTO `user` (`Username`, `Pass`) VALUES ('bob.jhonny', MD5('mypassword'));




Check Password

SELECT * FROM `user` WHERE username='bob.jhonny' AND pass=MD5('mypassword');

If returns null then the user password is incorrect

Reset Password

UPDATE `dlp_contatcs`.`user` SET `Pass`=MD5('NewPassword') WHERE `Username`='bob.jhonny';

Please remember all passwords stored in this way are case sensitive.

, , , , , , , , ,

This entry was posted on January 25, 2011, 10:16 am and is filed under Short. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

  1. #1 by Tyler Allen on July 22, 2011 - 8:39 am

    the md5 function should be preinstalled with mysql

    Quote

You must be logged in to post a comment.