If I made a plugin which stored the players name and password in a db file to provide secure accounts, would players be able to hack into the file or get around the method?
If you store passwords as plain text then if server gets hacked or compromised then yes its a possibility. you should do something like this Code: $salt_left="some secret test"; // maybe even get it from config on server so person can salt it them self $salt_right=="some secret test"; // maybe even get it from config on server so person can salt it them self md5($salt_left.$password.$salt_right); //to check if password is same just do if (md5($salt_left.$password.$salt_right) == $db_password){ return true; }else{ return false; } salting a password and encrypting it is standard for most things these days with out salt you can still crack passwords by comparing them with know md5 hashes
well crypt, md5, sha256, each to own they all still work fine, its really personal choice and if you cant use crypt functions due to shared hosting or other issues then your out of luck that is why salted md5 is still the standard for hashing passwords. again is personal preferance http://php.net/manual/en/function.password-hash.php is better the crypt()
Um... A function that converts raw binary data to raw hexadecimal data... What does that have to do with anything?
It converts a binary string to a human-readable string. For example, "\x00" to "00". @Tethereed_ theoretically, nobody can read the files inside your machine unless you let them to. But still, saving passwords in plaintext will make the server owner see everything, which we all hate.
you could always use AES 256 encryption to do passwords to be honest any password is crackable keep in mind even though md5 is old way of doing it md5 ALONE is not recommended this is why people salted them as you would need to know salt depending on how complex your salt was would make it hard to easy to crack it, again I personally dont use it just for passwords i use it to hash my keys that are used in encrypting my passwords I doubt anyone with out a super comupter would be able to crack any of it