Secure password storage

Question

I\'m developing a web service where users must login. I will store user data in an SQL database and input/output via PHP. But I don\'t want to store it openly. How do I encr

Answer 1

You probably want to hash the password - not encrypt it. Check out SHA-1. Hashing means that you cannot retrieve the original data as you can with encryption. Instead what you do is hash the users input and compare it to the hash in the database to see if they've got the right password. Doing this increases security as if your database was ever compromised - a bunch of hashes are useless.