How can I store password securely in MySQL and authenticate to external services

Question

Currently I have a PHP script that connect to a mail server via IMAP and parse new emails to MySQL. credentials to connect to the mail server are stored in MySQL using plain

Answer 1

Depending on what the email server needs to authenticate. If the passwords need to be sent using plain text (maybe because the email server hashes it itself), you should encrypt your password and then decrypt it before send it to the email server.

If you can send a hashed password to the server, hash it using a hash function (md5, sha1, sha512, ...).

hash('sha1', $password);
sha1($password); // Same result as above.

If you have to encrypt (in order to be able to decrypt), you can use mcrypt or openssl.

http://php.net/manual/en/function.mcrypt-encrypt.php http://php.net//manual/en/function.openssl-encrypt.php

The difference here is that a hashed password can't be unhashed. An encrypted password can be decrypted.