> Encrypting Mysql Database Password

Monie
post Jun 22 2009, 07:12 PM
Post #1


Professional Squeeze
******

Posts: 1,330
Joined: 13-February 08
From: Borneo

My question is HOW?

How do I HIDE/ENCRYPT my MySQL Database Password so that I am the only one in this world who knows it and is able to access the database and do stuff inside?

If I use a method like the one below, someone else can dig out the database password and gain access to my database.
Is there any way of solving an issue like this?

Thanks.

CODE
<%
    '//1.Define Constant Value
    Const DB_SERVER = "localhost"
    Const DB_NAME = "database_name"
    Const DB_USER = "root"
    Const DB_PASS = "mysql_password"

    '//2. Database Connection
    Dim Conn, ConnectionString
    ConnectionString = "DRIVER={MySQL ODBC 3.51 Driver}; SERVER="& DB_SERVER &"; DATABASE="& DB_NAME &"; OPTION=4; UID="& DB_USER &"; PASSWORD="& DB_PASS &";"
    Set Conn = Server.CreateObject("ADODB.Connection")
    Conn.Open(ConnectionString)
%>


MikeHopley
post Jun 23 2009, 04:17 AM
Post #2


Professional Squeeze

Posts: 1,267
Joined: 15-February 08
From: UK

If possible, put the MySQL connection details in one file only, and place that file somewhere above the level of the web root. This means the file will be completely inaccessible to anyone browsing over the web. Of course, if they knew your FTP login details, they could still access it (and everything else).

It's a good practice to put all your back-end files above the web root (PHP scripts, etc.). Only front-end stuff (HTML, CSS, JavaScript, images...) belongs at (or below) the level of the web root. Of course, your HTML documents may contain small amounts of PHP, and that's fine.

You then use includes to...er, include this file in your pages. To make this work, you need to know the full directory path on the server. For example, it might be something like: /home/yoursite/bin/mySQLconnect.php (if you placed the connection file in the bin directory).

Better yet, make a database object. You can then keep all the code for connecting to the database encapsulated in (and private to) this object, so that when you want to connect to the database, you just write something like this:

CODE
$db->connect();


This is the approach used by PHP frameworks (of course, the database object lives in a file above the web root).

You can also encrypt the database password. I'm a bit shaky on the theory here, but a simple method is to generate an md5 hash of your password. Instead of storing the raw password in your file, you store the hash. In your database connection function/method, you decode the hash.

Let's say your password was "my-weak-password". In PHP, for example, you would generate a hash by running md5("my-weak-password"). You then take the output (say, "f13jhvg0be8r32lfdgu9") and store it as your password ($db-password). In your connection function/method, instead of supplying the argument "$db-password", you supply the argument "base64_decode($db-password)".

You can make this encryption much more secure by adding a salt.
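The layout described in the post above (one connection file outside the web root, loaded by a database object), as an added example that is not part of the original post. The class layout, file names, the `app` account and the permission check are assumptions for illustration; it assumes PHP 8+ on a POSIX host, and the demo at the bottom builds a constructed directory tree so it runs without a database.

```php
<?php
// Added example. Paths and names are hypothetical; assumes PHP 8+ on a POSIX host.
final class Database
{
    private ?PDO $pdo = null;
    public function __construct(private string $configPath, private string $webRoot) {}

    // Returns the credentials array only if the file is safely placed.
    public function loadConfig(): array
    {
        $path = realpath($this->configPath);
        $root = realpath($this->webRoot);
        if ($path === false || $root === false) {
            throw new RuntimeException('config file or web root not found');
        }
        // Anything under the web root can leak over HTTP (backup copy, handler misconfiguration).
        if (str_starts_with($path, $root . DIRECTORY_SEPARATOR)) {
            throw new RuntimeException('config file is inside the web root');
        }
        // Reject files that other local accounts can read or modify.
        if ((fileperms($path) & 0007) !== 0) {
            throw new RuntimeException('config file is accessible to other users');
        }
        return require $path;
    }
    public function connect(): PDO
    {
        if ($this->pdo === null) {
            $cfg = $this->loadConfig();
            $this->pdo = new PDO($cfg['dsn'], $cfg['user'], $cfg['pass'], [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
        }
        return $this->pdo;
    }
}

// Constructed demo: a throwaway site layout that exercises the checks without a database.
$base = sys_get_temp_dir() . '/site-' . bin2hex(random_bytes(4));
mkdir("$base/public_html", 0755, true);
mkdir("$base/bin", 0755);
$cfg = "<?php return ['dsn' => 'mysql:host=localhost;dbname=database_name', 'user' => 'app', 'pass' => 'example-only'];";
foreach (['bin', 'public_html'] as $dir) {
    file_put_contents("$base/$dir/db.php", $cfg);
    chmod("$base/$dir/db.php", 0640);
}
echo (new Database("$base/bin/db.php", "$base/public_html"))->loadConfig()['user'], "\n";
try {
    (new Database("$base/public_html/db.php", "$base/public_html"))->loadConfig();
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```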
Monie
post Jun 23 2009, 04:41 AM
Post #3


Professional Squeeze
******

Posts: 1,330
Joined: 13-February 08
From: Borneo

Hi Mike!

Thanks for the long info :)
Well, actually I am talking about this locally. I mean, I have a localhost web-based system at the company where I work.
All the IT Staff have access to every PHP page in the www root.

So, somewhere in those files is the page that stores my MySQL database Password, where I have defined the PHP variable.
What I want to do is to encrypt that password so that others don't have a clue what password to use to access the MySQL database.

Is it possible?


MikeHopley
post Jun 23 2009, 06:11 AM
Post #4


Professional Squeeze

Posts: 1,267
Joined: 15-February 08
From: UK

QUOTE (Monie @ Jun 23 2009, 10:41 AM) *
Well, actually I am talking about this locally. I mean, I have a localhost web-based system at the company where I work.
All the IT Staff have access to every PHP page in the www root.


Do they have access to directories *above* the www root? If they don't have access, you can just put the file higher up.

QUOTE
So, somewhere in those files is the page that stores my MySQL database Password, where I have defined the PHP variable.
What I want to do is to encrypt that password so that others don't have a clue what password to use to access the MySQL database.


Well, you can always encrypt the password, as I mentioned. However, if they have access to the entire source code, then I think they could just run the base64_decode function themselves to reverse the hash.

In principle, I think, you cannot properly encrypt something if they have access to the entire source code (including the values of all stored passwords, salts, and so on). Your only method of security is then "security through obscurity" -- making the source code so difficult to fathom that they fail to reverse-engineer it. ;)
Monie
post Jun 23 2009, 07:55 PM
Post #5


Professional Squeeze
******

Posts: 1,330
Joined: 13-February 08
From: Borneo

Yes, they do have full access to the entire source code.

LOL, I just thought that there was a direct tip for this issue :D
Anyhow... I'll see what I can do with your "security through obscurity" tips!
Thanks anyway....


christopher
post Jul 10 2009, 03:19 PM
Post #6


Rapid Squeezer
****

Posts: 114
Joined: 15-February 08
From: Ottawa, Canada

Sorry, some corrections needed here:
QUOTE (MikeHopley @ Jun 23 2009, 04:17 AM) *
You can also encrypt the database password. I'm a bit shaky on the theory here, but a simple method is to generate an md5 hash of your password. Instead of storing the raw password in your file, you store the hash. In your database connection function/method, you decode the hash.

Let's say your password was "my-weak-password". In PHP, for example, you would generate a hash by running md5("my-weak-password"). You then take the output (say, "f13jhvg0be8r32lfdgu9") and store it as your password ($db-password). In your connection function/method, instead of supplying the argument "$db-password", you supply the argument "base64_decode($db-password)".

You can make this encryption much more secure by adding a salt.

A hash (such as MD5) is a one-way operation. It is impossible to undo a hash (I won't say decrypt, because hashing is NOT encrypting). Passwords are often stored hashed, but rather than undoing the hashing to check the password, the user-supplied password is hashed using the same algorithm (e.g. MD5) and the hashed values are compared. Using a salt does make a hash more secure because it helps protect against bulk hash dictionary attacks.

Next, Base64 is neither hashing nor encrypting. It's encoding. All the bits are lined up, and then taken 6 at a time. 6 bits mean 64 possibilities. Those 64 possibilities are each represented by 1 "safe"/printable character. Base64 is used to turn something binary that normally can't be safely represented in a string format (such as an image file) into a series of characters that can be safely represented in a string format. That's Base64 encoding. Base64 decoding does the exact reverse (i.e. from 6-bit possibilities, back to the 8-bit bytes).


Properly encrypting something requires a key. Some encryption methods use the same key to encrypt and decrypt, others use key pairs (one key encrypts, only the other can decrypt). But in either case, if you encrypt your password, you then have to worry about how to protect the key that decrypts the password. It becomes a never-ending cycle.


As Mike says, your best bet is keeping the password in one location, above the web root and obscure it if you like.

This post has been edited by christopher: Jul 10 2009, 03:22 PM


--------------------
Blog: annoyed.ca | Web Site Hosting: www.bluephyre.com
Go to the top of the page
 
+Quote Post
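The three operations distinguished in the post above (encoding, hashing, encrypting), side by side as an added example that is not part of the original post. The function names are made up for illustration, the password is the sample value used earlier in the thread, and AES-256-GCM via PHP's openssl extension is an assumed choice of cipher (PHP 8+).

```php
<?php
// Added example (PHP 8+, openssl extension). Function names are hypothetical.
$password = 'my-weak-password';   // sample value from the thread

// Encoding: Base64 needs no secret, so anyone holding the source can reverse it.
function obscure(string $s): string { return base64_encode($s); }
function reveal(string $s): string|false { return base64_decode($s, true); }

// Hashing: one-way. A candidate is checked by hashing it the same way and comparing.
// MD5 appears only because the thread uses it; password_hash() is PHP's current API.
// A hash cannot be handed to the MySQL driver: nothing turns it back into the password.
function hashWithSalt(string $s, string $salt): string { return md5($salt . $s); }
function verify(string $candidate, string $salt, string $stored): bool
{
    return hash_equals($stored, hashWithSalt($candidate, $salt));
}

// Encryption: reversible, but only with the key, which now needs protecting itself.
function encrypt(string $s, string $key): array
{
    $iv = random_bytes(12);
    $ct = openssl_encrypt($s, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    return [$iv, $ct, $tag];
}
function decrypt(array $box, string $key): string|false
{
    [$iv, $ct, $tag] = $box;
    return openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
}

$salt   = bin2hex(random_bytes(8));
$stored = hashWithSalt($password, $salt);
$key    = random_bytes(32);
$box    = encrypt($password, $key);

var_dump(reveal(obscure($password)) === $password);     // encoding round-trips with no key
var_dump(verify($password, $salt, $stored));            // the right candidate matches the hash
var_dump(verify('guess', $salt, $stored));              // a wrong candidate does not
var_dump($stored === hashWithSalt($password, 'other')); // another salt gives another hash
var_dump(decrypt($box, $key) === $password);            // the correct key decrypts
var_dump(decrypt($box, random_bytes(32)));              // a wrong key fails the GCM tag check
```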
c010depunkk
post Jul 13 2009, 02:12 AM
Post #7


Rapid Squeezer

Posts: 442
Joined: 14-February 08
From: Düsseldorf, Germany

If you're trying to obscure the password in your source code, then base64decode/encode would be one solution. Just remember that because it's a decode/encode, people can still get at the password if they are determined enough, but at least the password isn't stored as clear-text. This is more a method of "keeping honest people honest" ;)


--------------------
an umcomfortably attractive blend of sort of perverted but suprisingly sweet.
aggregated @ Re-Unleashed
I also tumble, tweet & flick
Go to the top of the page
 
+Quote Post
Monie
post Jul 13 2009, 02:42 AM
Post #8


Professional Squeeze
******

Posts: 1,330
Joined: 13-February 08
From: Borneo

Can you show me an example, mate? :)
Appreciate it, thanks.


c010depunkk
post Jul 14 2009, 05:30 AM
Post #9


Rapid Squeezer

Posts: 442
Joined: 14-February 08
From: Düsseldorf, Germany

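Make yourself a simple PHP script:
CODE
<?php
// Print the Base64-encoded form of the password (encoding, not encryption)
echo(base64_encode('your_password'));
?>

The output will be some random string like "ADssf(7234".
Then, instead of a clear-text password in your database connection, you can write:
CODE
// Decode the stored string back to the password at connection time
$password=base64_decode('ADssf(7234');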


Monie
post Jul 14 2009, 07:02 PM
Post #10


Professional Squeeze
******

Posts: 1,330
Joined: 13-February 08
From: Borneo

Ahhh, great!
I might use that in my page :)
Thanks mate!

