You as a user don't know how the password is encrypted (it's actually not encrypted at all, but hashed).
You just pass the password, and MySQL can perform the same hashing as on the original password and compare it to what is stored. If you pass the hashed version, the whole benefit of hashing is gone: If somebody gets the hashes from the server, they can just use those to log in as if they were normal passwords. The hash has then become the password.
Added benefit is that MySQL, because it has the original password, could re-hash it with a better algorithm, add a bit of salt and store that improved version. If it never gets the original, that can't be done. PHP's password functions support this as well. You can check with password_needs_rehash
if a hashed password is still hashed properly, and update your database if it isn't.
So, for security, you will need to take other measures. These are at least:
- Store the password in an include file that lives outside of the document root. That way, nobody can open that file directly.
- You can prevent include files to be opened without being included (for instance by checking for a define that was set in index.php). That's nice, but if PHP fails due to a configuration error, people can just browse the file's source, so stick the the previous rule.
- Always make a special database user. Don't use
root
. Give this user just enough right to operate the database, but no more. No rights to drop tables for instance.
- Always give that user a unique password. You don't have to remember this password. Just generate random garbage with plenty of characters.
- Change the password regularly. Maybe you could even script that and store the updated password in the config.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…