0

I use Yii Framework in PHP, and to encrypt password in database, I use : 

$pass = CPasswordHelper::hashPassword ($this->newPassword);

To verify password match, I use : 

    if (!CPasswordHelper::verifyPassword($this->currentPassword,$this->_user->passwd)) {
...
    }

Now, I have to send encrypted password from Android device. I should send it without encryptation and process it with PHP, but it doesn't seem so secure send clean password.

So, is there a way in Android to encrypt pass the same way CPasswordHelper does???? [ The thing is I don't really know exactly what encryptation / hash is applied in PHP ]

Any Help will be appreciated!

Tx

Juliatzin
  • 18,455
  • 40
  • 166
  • 325
  • ok.. encrypt password in android and send it..to server. this is what you want ? – Charaf Eddine Mechalikh Apr 22 '15 at 17:10
  • 3
    So long as you are using ssl, you should be fine sending the unencrypted password to the server. – cwurtz Apr 22 '15 at 17:12
  • Yes, but in the same way I do it in PHP with Yii. I should Encrypt it with SHA1.Sha1Hash, but I guess it is not the same encryptation that CPasswordHelper::hashPassword so CPasswordHelper::verifyPassword will fail – Juliatzin Apr 22 '15 at 17:14
  • 1
    For what it's worth Yii's CPasswordHelper is using blowfish (http://php.net/manual/en/function.crypt.php -> see CRYPT_BLOWFISH) – cwurtz Apr 22 '15 at 17:24
  • I'm seeing that there is no native way ( or simple way ) to do it, and I have SSL Cert, so I should not need to encrypt pass as @CJWurtz says. – Juliatzin Apr 22 '15 at 17:37

0 Answers0