Mick

Reputation: 1561

Can I connect to a database using a hashed password?

My application needs to connect to several sources (MySQL and Oracle).

Admin users can add sources.

They will supply credentials for these sources.

I will store the credentials. I don't want to store a password as clear text, so I want to hash it.

I then need to use these credentials to connect and do a SELECT.

How can I connect to MySQL using the password, which is hashed in my db?

Amended when I realised how silly being able to connect with a hashed password would be!

I think what I actually need to do is just encrypt my passwords in my db, then decrypt before I connect. Any advice on how I should do this?

Mick

Upvotes: 0

Views: 3763

Answers (3)

Mick

Reputation: 1561

You cannot connect to a db with a hashed password; that's the whole point of hashing them. This means that if they are maliciously obtained, they cannot be used.

I just need to use mcrypt to encrypt them when I save them and then decrypt when I connect to the sources.

This is probably the best solution which doesn't require a PhD.

Not sure why someone couldn't have suggested this.

I am also considering writing small APIs for the database connections which will just pass the data back to my main application.

Upvotes: 0
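
The approach described in the answer above (encrypt on save, decrypt just before connecting), as an added example that is not part of the original thread. It uses PHP's bundled libsodium extension instead of mcrypt, which was removed from PHP core in 7.2; the `DATASOURCE_KEY` environment variable, the function names and the connection details are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Assumption: the 32-byte key is
// supplied base64-encoded in the hypothetical environment variable
// DATASOURCE_KEY, kept outside the database that stores the ciphertexts.
function loadKey(): string
{
    $key = base64_decode((string) getenv('DATASOURCE_KEY'), true);
    if ($key === false || strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        throw new RuntimeException('DATASOURCE_KEY must be 32 bytes, base64-encoded');
    }
    return $key;
}

// Encrypt a datasource password for storage; a fresh random nonce is
// generated per value and stored in front of the ciphertext.
function encryptSecret(string $plaintext, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($plaintext, $nonce, $key));
}

// Decrypt just before connecting. secretbox is authenticated, so a stored
// value that was modified is rejected rather than decrypted to garbage.
function decryptSecret(string $stored, string $key): string
{
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < $min) {
        throw new RuntimeException('Stored secret is malformed');
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('Stored secret failed authentication');
    }
    return $plain;
}

// Demo with a constructed key and password so the script runs offline.
putenv('DATASOURCE_KEY=' . base64_encode(sodium_crypto_secretbox_keygen()));
$key    = loadKey();
$stored = encryptSecret('example-db-password', $key); // save this in your table
$pw     = decryptSecret($stored, $key);               // use this to connect
var_dump($pw === 'example-db-password');
// Connection details below are placeholders:
// $pdo = new PDO('mysql:host=db.example.internal;dbname=reports', 'report_user', $pw);
sodium_memzero($pw);
```

The encryption only protects the stored passwords if the key lives somewhere an attacker who reads the credentials table cannot also read.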

MontyPython

Reputation: 2994

No, you cannot connect to the database using a hashed password. There would be no point in hashing if that were the case. This goes on:

  1. You create a user with a password (which is a string of characters).
  2. The string is converted into another fixed-length (generally) string using a hashing algorithm.
  3. When you try to log into the system with your password, the hashing algorithm will again run your password and see if it returns the same hashed string as it did when you created your account.
  4. If it does, you log in.
  5. However, if you enter the hashed string, MySQL will treat it as the actual password and hash it further. It won't match. Hence, it won't work.

Upvotes: 0

Alex Blex

Reputation: 37048

Looks like an XY problem here.

What you are really asking about is datasource authentication management. It can be done with 3rd-party authentication. Something like LDAP or Kerberos.

Please read for inspiration:

Or leave it as plain text to cut the cost of development and support.

Upvotes: 1
