Posted: 06/27/2008, 11:30 AM
(This is from Walter Kempees... hope it helps someone.)
It is described in 4.x Help file.
Help search: Advanced Security Settings
Basically if you have an application using a users table, a login form and no encryption:
(Based on Internet example database).
1: choose the method of encryption you like or need, One-Way or Two-Way.
One-Way (MD5()), will encrypt your password. There is no decryption method.
Two-Way (Password()) will allow for decrypting.
If your user has a way to retrieve his previously entered password (could be a requirement), you need Two-Way;
otherwise you need to generate a new password and e-mail that to the user so that the user
is able to log in and reset his password. The flow of this process is beyond the scope of this post.
2: Alter your user table's password field from readable to encrypted using the encryption method chosen.
It is a (My)SQL command that does this for you.
UPDATE users SET user_password=PASSWORD(user_password);
The PASSWORD(user_password) is for Two-Way; MD5(user_password) would cater for the One-Way method.
The command you can issue through the use of your database tool like phpMyAdmin, Navicat or any other.
3: Once that is done, you will have to go to your application, Project Settings, Security, click Advanced and set it to the choices you have made earlier and described in the mentioned Help article.
Basically, check the checkbox "Encrypt passwords using", choose Database Function and enter either "PASSWORD" or "MD5" (no brackets).
Press F9 to have your application regenerated and it should work out-of-the-box.
A few notes:
Never do this on a running application, nor during up-time.
You will need time, the SQL-Update can be fast, Uploading the changed application takes longer.
Using the MD5() method, you have NO means to retrieve the user-entered password (should you?).
The length of the user_password field is of interest here; a varchar(8) (seen often) is too short, varchar(25) would be more applicable. The size of the field determines the encryption key generated (MySQL 16 or 41-bit key).
Remember that the user types in a readable password at the client side; it is then encrypted at the server side and the login testing takes place.
In principle it is still possible to "steal/sniff" the password during network transport; that can only be solved by using SSL, HTTPS, certificate.
Hope this is what you asked for and meets your needs.
Walter Kempees...you are dearly missed.
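The three steps above, written out as one MySQL script. This is an added example and not part of Walter's post or of CodeCharge's generated code; the `users` table layout, its column names and the two sample rows are constructed for illustration, and the login query at the end only shows the shape of the comparison the application has to make (use your driver's own bind-parameter syntax in place of `?`). Two facts worth knowing before running it: MD5() returns 32 hex characters and MySQL 4.1+ PASSWORD() returns 41 characters (`*` followed by 40 hex), so the column must be widened first or the stored hash is silently truncated and nobody can log in; and PASSWORD() is, like MD5(), a one-way hash, so neither choice lets you hand a user back the password he typed.

```sql
-- Added example (not from the original post): hypothetical users table
-- in the "before" state, with readable passwords in a narrow column.
CREATE TABLE users (
  user_id       INT AUTO_INCREMENT PRIMARY KEY,
  user_login    VARCHAR(50) NOT NULL UNIQUE,
  user_password VARCHAR(8)  NOT NULL          -- too narrow once hashed
);

-- Constructed sample rows (plaintext, as the post's starting point).
INSERT INTO users (user_login, user_password) VALUES
  ('alice', 'secret1'),
  ('bob',   'hunter2');

-- Step 2a: widen the column BEFORE hashing. MD5() yields 32 chars,
-- PASSWORD() yields 41 chars; VARCHAR(8) would truncate either.
ALTER TABLE users MODIFY user_password VARCHAR(50) NOT NULL;

-- Step 2b: one-shot conversion. Run exactly ONCE, with the application
-- offline: a second run would hash the hashes and lock everyone out.
-- Pick the line matching the function you enter in Project Settings.
UPDATE users SET user_password = MD5(user_password);         -- "MD5"
-- UPDATE users SET user_password = PASSWORD(user_password);  -- "PASSWORD"

-- Sanity check before uploading the regenerated application:
-- every row should now show len = 32 (MD5) or len = 41 (PASSWORD),
-- and no value should look like a readable word any more.
SELECT user_login, user_password, LENGTH(user_password) AS len
FROM users;

-- Step 3 at login time: the submitted plaintext is hashed with the SAME
-- function server-side and compared with the stored column. '?' marks
-- bind parameters (login, then password); never concatenate them in.
SELECT user_id
FROM users
WHERE user_login = ? AND user_password = MD5(?);
```

If the SELECT after the UPDATE shows any row with a length other than the expected 32 or 41, stop and restore from backup before uploading the regenerated application; a mismatch there means the column was still too narrow or the UPDATE ran more than once.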
Posted: 03/29/2009, 7:30 AM
Please be aware that for "Encrypt passwords using" Database Function "PASSWORD" the length of the password field has to be a minimum of 50 characters: varchar(50), no less.