pundip
Posts: 8
|
Posted: 06/29/2017, 12:57 AM |
|
I am looking for instructions on how to implement password encryption on a project. I have used the registration application that comes with code charge and under settings>security>advanced I have ticked Encrypt passwords using and selected Database function and entered "PASSWORD" The idea being that mysql will hash the passwords. When I create a user the passwords are stored in plain text. Any advice?
|
|
|
mans
Posts: 7
|
Posted: 06/29/2017, 1:05 AM |
|
just use the 'Encrypt Password Action' to change the Password field before Insert.
|
|
|
pundip
Posts: 8
|
Posted: 06/29/2017, 5:48 PM |
|
I added the "Encrypt Password" action for the record "users" in the registration page. I set the Password Control Name to user_password which is the correct field and left value blank. Password is still being stored in plain text form.
|
|
|
eratech
Posts: 513
|
Posted: 08/21/2017, 12:36 AM |
|
pundip
Have you checked the Database password is including the {password} bit so the code can put the password into the function?
See the Help manual bit "Advanced Security Settings" and see the examples:
PASSWORD({password})
Also is the password field in the users table long enough for the hashed password?
And DO NOT use MD5. Never, no matter what the examples say.
Cheers
Eric
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia |
|
|
|