CodeCharge Studio
search Register Login  

Web Reporting

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.
CodeCharge.com

YesSoftware Forums -> CodeCharge Studio -> PHP

 md5 encryption database

Print topic Send  topic

Author Message
Francisco3945

Posts: 28
Posted: 02/03/2017, 7:42 AM Quote message

Someone would have an example of how to use the security of the codecharge with the md5 encryption option
View profile  Send private message
eratech


Posts: 510
Posted: 02/11/2017, 11:33 PM Quote message

@Francisco3945 - Don't use MD5.

It is unsafe and has been for over 15 years (despite what the CCS Manual says).

If you want a quick method of increasing the password encryption without adding extra libraries (like phpass and bcrypt) I suggest using the CCS Password feature and using a different encryption algorithm.

In the project settings under Security > Advanced Security > tick Encrypt Database using > tick Code Expression and put in something like this:
hash('sha256','d4DF44%$'.{password})
but CHANGE the string "d4DF44%$" to any other random string of 4-8 alphanumeric characters.

This will encrypt all the passwords in your database (oh and change the length of the password field to varchar(64) at least) in a similar (but unique to your project) encryption. Don't use MD5.

Pros: It is quick and built in, and can be understood fairly quickly, and you change the 'random string' for each project. No installation of external libraries.

Cons: not 'best practice' and not unique encryption for each person.

If you do 1 little thing to make your passwords more secure, try that. Also check out 'whirlpool' and other encryption functions build into PHP. Don't use MD5.

Cheers

Eric

Don't use MD5. ;-)
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia
View profile  Send private message
Francisco3945

Posts: 28
Posted: 02/15/2017, 3:36 AM Quote message

thank you
View profile  Send private message

Add new topic Reply to topic Subscribe to topic   


These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

Internet Database

Visually create Web enabled database applications in minutes.
CodeCharge.com

Home   |    Search   |    Members   |    Register   |    Login


Powered by UltraApps Forum created with CodeCharge Studio
Copyright 2003-2004 by UltraApps.com  and YesSoftware, Inc.