If on our web page we have a users' system and want to protect the passwords to prepare possible vulnerabilities in our servant, a measured effective encriptar is the passwords, so that if someone can gain access to them it could not see the password if not his encriptación.

To improve this system, what we will do is to use an algorithm of encriptación of only one felt, that is to say that one cannot desencriptar by any means, how for example md5.

To keep the password encriptada in md5, we will use the function md5 () of PHP:

<?
$contrasena = md5 ($contrasena);
?>

We can already keep the password in our database or file, but...: how will we do for comprovar the password in the beginning of meeting?

Very easy, since in the database we have the password in md5, encriptaremos the password that the visitor writes likewise is encriptado the password of the user at the moment of his regístro, now we will be able already to compare the password sent with the stored one in the servant, if the encriptación coincides the fact is that the password is correct.

But if we do not use a sure transmission (pe: SSL) there keeps on being a problem, when the user sends the information to the servant, the password is sent without encriptar, and in this moment it can be captured by a third one. To avoid this, let's prune encriptar the key in the computer of the client using JavaScript thanks to Javascript MD5, instead of encriptarla in the servant using PHP.

Article for courteousness of Eloi of St Martin
www.programacionweb.net