php-encryption icon indicating copy to clipboard operation
php-encryption copied to clipboard

Published 20 hours ago verified publisher icon defuse

Two Questions

Open hirasso opened this issue 6 months ago • 0 comments

Hi there! Thanks for all the work you put into this library, both technical and educational. Much appreciated!!

After reading through the Tutorial and the FAQs, I have two questions (I would have opened a GH discussion, but this repo doesn't seem to have those activated):

  1. In the FAQs, Does encrypting hide the length of the plaintext?, you are writing about having to pad the string in user land:
  • Any tips or best practices how to do that with an arbitrary length input string?
  1. In Scenario #2: Encrypting account data with the user's login password, you are talking about generating the key from the user's password.
  • This would render the stored information useless as soon as the user changed their password, correct? Just to make sure I understand correctly :)

hirasso avatar Aug 02 '24 13:08 hirasso