Reputation: 11
Wordpress mysql password hash
What is the best/easiest way to hash Wordpress db mysql password ?
/** MySQL database password */
define('DB_PASSWORD', 'mypassword');
How to hash "mypassword" ?
I have tried md5 and SHA1 but not worked, only plain unencrypted text work.
Upvotes: 0
Views: 2184
Answers (1)
Reputation: 108841
Like @Rup said, you need the plaintext password to your WordPress database to be available in your php code. That's because the connect request from php to MySQL needs it to be in plaintext.
It would be nice if you could conceal it with a hash somehow, but unfortunately that's not how authentication to the MySQL DBMS works.
Most people create a custom MySQL credential pair (username/password) for each WordPress installation, and restrict access for that credential pair to just the database for that instance. That limits the damage if somebody manages to steal the password.
Notice that the WordPress security programmers are very smart indeed, and they've been working on it for over ten years now. In those ten years, various WP installations have come under countless cracking attempts. Even if you're an extremely competent and security-aware programmer yourself, you'd be very wise to use their code, because they've had a chance to debug it in the real world.
Upvotes: 2
Related Questions
- Check WordPress hashed password with plain password
- Password hashing not working in php mysql
- How to set hashed password for MySQL database user
- Getting password hash from MySQL
- Connect wordpress with mysql using md5 password
- Hashing password and login
- Mysql password Error in PHP
- PHP mysql register password
- mysql passwords Connecting to MySQL with PHP
- Hash Passwords php