View Full Version : Saving email address to database

01-12-2008, 12:00 AM
I'm doing register/login system. Databases can be broken by atackers so:

1. saving users passwords as SHA1, I read somewhere that SHA1 can be theoreticaly broken but not in practical world.

2.How to save email adresses, if I use one way encryption, should I use same password for all emails, and where to store that password, would it be save to have it stored directly in server side code ?

Thanks for suggestions.

01-12-2008, 04:34 AM
if u store email-ids as hashes how will u send mail notifications?

01-12-2008, 07:40 AM
Sory probably my bad(i was thinking TEA, AES,... as oposite to RSA), not hash.

So basicaly I need to know where to store password, and is it one password enough.

Looking at security ?