Reputation: 4383
I want to program a secure login system in PHP, so I surfed the web for some days and got good recommendations on how to do it.
But I have a question about one of the tips: why should I save users' passwords as hashes in the database?
If someone can hack my website or database, they can access my database, and it's not so important for them to have the users' passwords. They can access all of the users' information. So what is the benefit of doing it?
Upvotes: 1
Views: 702
Reputation: 50592
As it says right in the PHP manual, the prime reason to hash passwords is because users may reuse the same password for multiple systems (even though it is advised not to). Given that a user database is usually going to also contain email addresses, a hacker that compromised your database would have several valuable pieces of information that they can potentially use against each individual user. They might take the email address and plain-text password right over to a user's email provider and gain access there. You don't want that responsibility falling in your lap, so by hashing the password you have somewhat mitigated your user's poor choice to reuse passwords.
Also, consider that there are several ways to compromise a database. We aren't necessarily only talking about someone gaining full command line access, or getting into phpMyAdmin or the like - they might simply have gotten a dump of users through specific SQL injection or inadequate security in an API. Those "partial" breaches might only give away tidbits of information; you certainly don't want one of those tidbits to be a plain-text password if you can absolutely prevent that scenario by simply not having plain-text passwords. The bottom line here is that you're adding another obstacle to the path of an attacker.
Hashing passwords, however, is not the end-all. An attacker could use brute-force methods to reverse the hashing. Be sure to use the best available encryption methods (discussed in the article I linked to), and consider adding "salt" to the hash to make brute force/rainbow table methods less likely to succeed.
Upvotes: 2
Reputation: 416
Some users may not want their passwords to be seen by the site owner himself. And so many people use the same password for every website they use.
Upvotes: 0
Reputation: 8101
It is also worth mentioning that if a hacker gets access to your users table and sees the hashes, he could try to decipher the hash by using a rainbow table, but that would be awfully slow.
Upvotes: 1
Reputation: 24815
Most users re-use passwords on multiple sites. I'm sure you do so too.
If you've got the user's data, like e-mail address or even more basic information such as name or location, then that user can easily be hacked on other websites, because of the flaw of not hashing the password (correctly).
Just hashing isn't even secure enough; you should also include a salt so it is even more difficult to find out which passwords are behind the users.
Upvotes: 1
Reputation: 46183
For some forms of attack, the attacker might only gain access to one specific table at a time.
If that table is your users table, then the attacker can see the passwords in plain text and you're completely hosed.
Upvotes: 8
Reputation: 5039
Hashes are not plain-text passwords, and you cannot enter a hash in the login form to log in. So cracking a hash may take some (big) time.
Upvotes: 0
Reputation: 9311
In case the database becomes accessible to anyone else, he wouldn't have every user's password, but rather the hash. And having the hash is enough to confirm that the user entered the correct one when he logs into your application.
It's basically adding additional complexity to any effort a hacker might make to compromise your data. And it has been best practice for a long while now.
The point is: People tend to use username/password combos in a lot of applications. If one of them yields data to a hacker, it might open a lot of gates.
Upvotes: 2
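As an added example (not code from the question or from any of the answers), this is what the "store only the hash, verify on login" flow described in the two answers above looks like with PHP's built-in password_hash() and password_verify(). The $users array stands in for the users table, and the e-mail address and passwords are constructed sample values.

```php
<?php
declare(strict_types=1);

// Added example: register/login against an in-memory "users table".
// The table never holds the plain-text password, only a salted hash string.

/** Store only the hash; password_hash() generates a per-user random salt itself. */
function registerUser(array &$users, string $email, string $password): void
{
    // PASSWORD_DEFAULT is bcrypt today and may change in future PHP releases;
    // the algorithm, cost and salt are all embedded in the returned string.
    $users[$email] = ['hash' => password_hash($password, PASSWORD_DEFAULT)];
}

/** Verify a login attempt against the stored hash; rehash if defaults have moved on. */
function loginUser(array &$users, string $email, string $password): bool
{
    // A real hash to verify against when the account does not exist, so that
    // unknown and known e-mail addresses take roughly the same time to reject.
    static $dummyHash = null;
    $dummyHash ??= password_hash('dummy', PASSWORD_DEFAULT);

    if (!isset($users[$email])) {
        password_verify($password, $dummyHash);
        return false;
    }

    $hash = $users[$email]['hash'];
    if (!password_verify($password, $hash)) {
        return false;
    }

    // Successful login: upgrade the stored hash if the cost/algorithm defaults changed.
    if (password_needs_rehash($hash, PASSWORD_DEFAULT)) {
        $users[$email]['hash'] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

// Constructed sample data (hypothetical user, not from the page).
$users = [];
registerUser($users, 'alice@example.com', 'correct horse battery staple');

var_dump(loginUser($users, 'alice@example.com', 'correct horse battery staple'));
var_dump(loginUser($users, 'alice@example.com', 'wrong password'));
var_dump(loginUser($users, 'nobody@example.com', 'anything'));

// What an attacker who dumps the table actually sees: a "$2y$..." string, no password.
echo $users['alice@example.com']['hash'], PHP_EOL;
```

The first login attempt succeeds and the other two fail, while the only thing stored for the account is the bcrypt string printed at the end.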
Reputation: 1412
One thing is to get all the info about your users; another thing is to do stuff on behalf of those users. Think about an e-commerce website which stores credit card numbers (in another database, for example), or some social website where you can leave comments about friends, etc. :)
Upvotes: 0