Safer way to encrypt passwords in MySQL? And the easiest? [duplicate]

The MD5 and AES functions should be considered. The choice between one of the two encryptions depends on your need.

MD5 is one of the best known, however, if at some point you need to revert it for some reason, it will not be possible.

AES is my favorite encryption in this case because you have the AES_ENCRYPT and AES_DECRYPT functions, so you can revert the password (using the key) if you need it.

More details about this link can be found here: link

Now, actually answering your question ... AES encryption uses a pre-set value of 128 bits and can only be reversed through the key. The MD5 cryptography uses a 32-digit hexadecimal value. I have heard that both have already been broken, so I think they are on an equal footing.

And about ease of use, both are very simple.

INSERT INTO usuarios (login, senha) VALUES ('usuario_1', MD5('abc123'));
INSERT INTO usuarios (login, senha) VALUES ('usuario_2', AES_ENCRYPT('abc123', 'chave'));

I believe the best option would be to let the bank just store the information, that is, already come encrypted by the application.

Another alternative is to use the PASSWORD() function to encrypt passwords when saving:

  insert into tabela(campo) values(password('minha senha'));

Here's an example: sqlfiddle.com
Reference: MySql password hashing

EDIT : As pointed out by @FabioC, the PASSWORD function has been deprecated since version 8.0.11. You can use other encryption functions as SHA() .