Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

cloud_space's avatar

crypt / decrypt not working

Hello Folks,

i am trying to make a secure Personal password manager (because i am fed up with the passwords in general and also not quite happy with all the password managers out there),

using laravel8,

managed to get this up and running, except for a few issues, with encrypt / decrypt,

basically i have this set in the database migration, $table->string('view_secret')', creating password with this set to , 'view_secret' => Crypt::encryptString(strval($passGenerated)) and in the display page , since i would like to get the password visibile to copy paste it to any web site, i have this -> $viewSecret = Crypt::decryptString($secret); but the decryptString does not seem to work ,

by the way the original password which is generated is hashed in the normal Larvel way, since i need access to the password to use it in the websites which need them , i am using the viewSecret to display them ,

any help would be appreciated, or a better future proof secure and simple way of achieving the above would be great as well

Thanks, Jay

0 likes
5 replies
thinkverse's avatar

You cannot decrypt hashed values, hashes are one-way. You'd want to encrypt the passwords, Laravel comes built-in with encryption casting. That will encrypt the value before storing it in the DB with your application's secret key and then decrypt them when fetched.

Another option is to use Laravel's encryption manually when you store and retrieve the passwords, that'll give you more flexibility.

Personally, I wouldn't even try to make my own password manager if I didn't know the difference between hashing and encryption. If you don't want to pay for a password manager you always have the open-source version of Bitwarden.

1 like
cloud_space's avatar

Hi thinkverse,

thanks for the reply, if you read the above question, it explains that i am using hasing as well as manual query, maybe i did not explain this properly,

so basically i would like a secure and simple way of getting this done, and hence this question,

" Another option is to use Laravel's encryption manually when you store and retrieve the passwords " and this is my approach, for retrieving the password,

" Personally, I wouldn't even try to make my own password manager if I didn't know the difference between hashing and encryption. " and thanks for the encouragement trying to develop something useful :) ,

anyone who could help with this would be great,

Thanks

jlrdw's avatar

A password should at least be hashed with Bcrypt. Read the PHP manual.

sr57's avatar

@cloud_space

because i am fed up with the passwords in general

Don't you know SSO?

https://www.sitepoint.com/single-sign-on-explained/

managed to get this up and running, except for a few issues, with encrypt / decrypt,

No pb at all with no hash value (see @thinkverse 's answer)

... the above

?

-1- Describe the problem, make sure it's a general problem, ...

-2- Describe what you want to do, make sure it can be useful for a large number of users

-3- Launch your project on a public repo

Snapey's avatar

open tinker and make sure you are happy with how crypt and decrypt work

next, make sure your database fields are big enough, the column needs to be at least 4x the size of the secret

again use tinker and make sure you can encrypt and decrypt via the database before you worry about views and controllers

finally, I would not consider this a useful project. You are sending your secrets to the client for display in plain text. Password managers use end to end encryption and are waaay more secure than what you are proposing

by the way, just use the term secrets. Some people are clearly triggered by the word password and then don't read the question properly

Please or to participate in this conversation.