Link to home
Start Free TrialLog in
Avatar of ttheimer

asked on

Encrypting authentication data within my php code

From several sources I have seen recommendations to encrypt authentication data (e.g., login passwords, certificates) when used within php code and yet I have not seen an explanation of how to do so.  It would seem that if I encrypted the data within the code I would also need to place the decryption key within the code which would gain nothing for overall security.  There must be something I am not understanding here!  Can someone explain?  Thanks.
Avatar of TeRReF
Flag of Netherlands image

Yes you both encrypt and cecrypt in the code, but the purpose of the encryption can have more than 1 reason. An example would be that you might want to store encrypted password in a DB. Everyone with access to that DB will not be able to read the passwords used.
Avatar of ttheimer


I understand the encryption of passwords placed into the database but my question is about authentication keys that need to be handled within the code.  One specific example would be a login name, password, and signature for a Paypal transaction.  The Paypal documentation recommends encrypting this information to protect it.  I have seen similar recommendations elsewhere.  My question is a "how to" question: how do I encrypt this data so that it can be decrypted and sent to Paypal as part of a credit card transaction, how do I do this without also placing the decryption key in the code?  Sorry if I wasn't specific enough with my initial question.
Avatar of savvior1

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial