View Full Version : Saving email address to database

01-11-2008, 11:00 PM
I'm doing register/login system. Databases can be broken by atackers so:

1. saving users passwords as SHA1, I read somewhere that SHA1 can be theoreticaly broken but not in practical world.

2.How to save email adresses, if I use one way encryption, should I use same password for all emails, and where to store that password, would it be save to have it stored directly in server side code ?

Thanks for suggestions.

01-12-2008, 03:34 AM
if u store email-ids as hashes how will u send mail notifications?

01-12-2008, 06:40 AM
Sory probably my bad(i was thinking TEA, AES,... as oposite to RSA), not hash.

So basicaly I need to know where to store password, and is it one password enough.

Looking at security ?