Best way to use PHP to encrypt and decrypt passwords? [duplicate]

Answer 1

The best idea to encrypt/decrypt your data in the database even if you have access to the code is to use 2 different passes a private password (user-pass) for each user and a private code for all users (system-pass).

Scenario

1. user-pass is stored with md5 in the database and is being used to validate each user to login to the system. This user-pass is different for each user.
2. Each user entry in the database has in md5 a system-pass for the encryption/decryption of the data. This system-pass is the same for each user.
3. Any time a user is being removed from the system all data that are encrypted under the old system-pass have to be encrypted again under a new system-pass to avoid security issues.