No matter how secure your software, hardware, database or connection is, you should NEVER store a user's password in its original form. NEVER.
A password should always be encrypted, preferably with a salted hash.
Using the SHA-1 hash algorithm as an example, the string "Ben" becomes "41126fc03289a05d86219d28b38e5e365ff0359f" and this is what should be stored in your database.
The SHA-1 algorithm is used here only as a simplified example and it should not be used on its own, since it's not considered secure anymore.
To verify a correct login, simply use:
input_username = INPUT "Enter your username: "
input_password = INPUT "Enter your password: "
GET FROM DATABASE password WHERE user = input_username
IF SHA-1(input_password) = password THEN ACCESS_GRANTED
If necessary, I can explain to you in detail what a "salt" is and what needs to be done to secure a password. Just let me know.
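The salted variant of the login check above, as an added example that is not part of the original post. It assumes PBKDF2-HMAC-SHA256 in place of plain SHA-1, and the `USERS` dictionary, the function names and the iteration count are hypothetical stand-ins for a real database and its settings.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example (not from the original post).
ITERATIONS = 600_000
SALT_BYTES = 16

# Stand-in for the database table: username -> (salt, iterations, hash).
USERS = {}

def hash_password(password, salt, iterations=ITERATIONS):
    """Derive a 32-byte hash from the password and a per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)

def register(username, password):
    """Store a fresh random salt and the derived hash, never the password."""
    salt = os.urandom(SALT_BYTES)
    USERS[username] = (salt, ITERATIONS, hash_password(password, salt))

def verify_login(username, password):
    """Recompute the hash with the stored salt and compare in constant time."""
    record = USERS.get(username)
    if record is None:
        # Do the same work for unknown users so response time
        # does not reveal which usernames exist.
        hash_password(password, b"\x00" * SALT_BYTES)
        return False
    salt, iterations, stored = record
    candidate = hash_password(password, salt, iterations)
    return hmac.compare_digest(candidate, stored)

if __name__ == "__main__":
    # Constructed sample accounts: two users with the same password.
    register("alice", "correct horse")
    register("bob", "correct horse")
    print("same stored hash:", USERS["alice"][2] == USERS["bob"][2])
    print("alice, right password:", verify_login("alice", "correct horse"))
    print("alice, wrong password:", verify_login("alice", "Ben"))
```

Because each account gets its own random salt, two users with the same password end up with different stored values, so one precomputed table of hashes cannot be reused across accounts.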