What are the advantages of storing passwords in a database table compared to directly in PHP files?

Storing passwords directly in PHP files is not secure because if someone gains access to the files, they can easily view the passwords. It is recommended to store passwords in a database table where they can be encrypted for added security.

// Connect to database
$servername = &quot;localhost&quot;;
$username = &quot;username&quot;;
$password = &quot;password&quot;;
$dbname = &quot;myDB&quot;;

$conn = new mysqli($servername, $username, $password, $dbname);

// Encrypt password before storing in database
$password = password_hash($password, PASSWORD_DEFAULT);

// Store password in database
$sql = &quot;INSERT INTO users (username, password) VALUES (&#039;$username&#039;, &#039;$password&#039;)&quot;;
$conn-&gt;query($sql);

$conn-&gt;close();

Keywords

password hashing database security password encryption PHP database connection password storage

What are the advantages of storing passwords in a database table compared to directly in PHP files?

Keywords

Related Questions