Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Password encryption

View all replies to this thread

Password encryption

Thread began 10/04/2009 12:22 pm by Roxana | Last modified 10/06/2009 4:14 am by Roxana | 3989 views | 11 replies

10/05/2009 3:49 amDavid CHnet.com

No "encryption" needed in database

In your form you define the password field as being encrypted. That means that when the POST is made from the form the value typed in is immediately encrypted, then stored in the database as hex.

Therefore the database field only has to store characters - there is nothing special about the defintion of that field, it should be type "varchar" of 40 characters.

When the password is read for validation at login, the process is ...

- password entered by user as plain text
- it is then encrypted on POST
- the password is read from the value stored in the database (also encrypted)
- the two values are compared
- resulting action

Hope that helps and I hope I am right. I only dealt with all this myself for the first time yesterday, it wasn't easy, and I've been doing this stuff since the days of Noah. If you haven't found it, it is more than useful to download the sample tables where the table "visitors" shows you the table structure you need.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.