How to encrypt data and password for safe data entry on PHP?

Asked By -10 points N/A Posted on -
qa-featured

Which is the best way to encrypt data and password for safe data entry on PHP? Also I keep getting invalidated input error if I try to validate user data. How can I avoid this?

SHARE
Best Answer by Sharath Reddy
Answered By 10 points N/A #148176

How to encrypt data and password for safe data entry on PHP?

qa-featured

 

Hi,

The best way to encrypt data and password on php is to use the default encrypt and decrypt keywords. Follow the steps below to encrypt and decrypt your data and password:

1. Encrypting your passwords is the best way to protect them from being stolen. You can do this using the default keywords to encrypt and decrypt.

2. Choose the data that you want to encrypt. Then type "$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key))));" to encrypt the data. This is the default keyword to encrypt data.

3. When you want to decrypt the data back then just type "$decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "");". Your data will be decrypted.

Hope this information helps you.

 

Best Answer
Best Answer
Answered By 590495 points N/A #148177

How to encrypt data and password for safe data entry on PHP?

qa-featured

 

In PHP, the best way of encrypting data especially password is to use the “crypt ()” function. This function is used for data encryption and it creates a one way encryption. What this means is that data will be encrypted but cannot easily be decrypted. This is best used when working with passwords. It may sound easy but here’s how it works. When a user selects and enters the password, the password will then be encrypted and the encrypted version of the password is then saved.

Now, when the user logs in and enters the password again, it will be encrypted again and then verified against the already saved encrypted password to see if they match. This way if the data is intercepted in any way, the data they will only see is the encrypted version. The syntax for the crypt function is:

crypt (input_string, salt)

Where “input_string” is the data you would like to encrypt like the password and “salt” is an optional parameter that manipulates the encryption. By default, PHP uses a 2-character DES salt string. Below are the four types of salt that can be used with the crypt () function:

  • CRYPT_STD_DES – this is the standard DES-based encryption that contains a 2-character salt;
  • CRYPT_EXT_DES – this is the extended DES-based encryption that has a 9-character salt;​
  • CRYPT_MD5 – this is the MD5 encryption method that has a 12-character salt that starts with “$1$”;
  • CRYPT_BLOWFISH – this is the Blowfish encryption method that contains 16-character salt that begins with either “$2$” or “$2a$”.

Related Questions