phpmyadmin - difference between md5() and password

Posted 2019-09-01 12:37

Question:

I would like to create a login application using PHP and phpmyadmin databases and want the password to be encrypted so

  1. is there another type than md5() and password() to encrypt text?

  2. what is the difference between md5() and password()?

  3. what is the better between md5() and password()?

Thank you, hopefully this can be of benefit to others

*edit: I prefer a one-way hash method for this one :)

Answer 1:

All the answers you can find in the official documentation. Please always start with that before asking questions.

  1. Yes, see the list in the linked docs, with detailed explanations.
  2. md5() uses MD5 and password() uses MySQL's native hashing, as seen in the docs.
  3. Depends on what you need it for. This question is way too vague, but the docs give a hint:

    The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA2() instead.



Answer 2:

Unfortunately it is not possible to store passwords safely with only SQL commands.

To prevent rainbow table attacks you should add a random salt to the hashing scheme, but this means that you cannot verify the password with SQL alone. You would have to read the salt of every row in the user table and calculate the hashes for comparing.

A safe hash function can be tuned to need a certain amount of time (e.g. 10ms), BCrypt for example has a cost factor. If you have to check every row and every calculation needs some time, you will run into problems if your user table grows.

These are the reasons why passwords should not be hashed by the database itself; instead, do it with your development language. First you have to find the hash and its salt by the given username, afterwards you can verify the password for this single row. For PHP have a look at the function password_hash().
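
The lookup-then-verify flow described in this answer, as an added example that is not part of the original answer. It assumes an in-memory SQLite database standing in for the MySQL table, and the table and column names (`users`, `username`, `pw_hash`) and sample credentials are constructed for illustration.

```php
<?php
declare(strict_types=1);
// Added example: SQLite in memory stands in for the MySQL user table.
// Table and column names (users, username, pw_hash) are hypothetical.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');

const HASH_OPTIONS = ['cost' => 12]; // bcrypt cost factor; tune to your hardware

function register(PDO $pdo, string $user, string $password): void
{
    // password_hash() generates a random salt and embeds it in the hash string.
    $hash = password_hash($password, PASSWORD_BCRYPT, HASH_OPTIONS);
    $stmt = $pdo->prepare('INSERT INTO users (username, pw_hash) VALUES (?, ?)');
    $stmt->execute([$user, $hash]);
}

function login(PDO $pdo, string $user, string $password): bool
{
    // Step 1: fetch the single row for this username (no hashing in SQL).
    $stmt = $pdo->prepare('SELECT pw_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();

    if ($hash === false) {
        // Unknown user: still do one bcrypt run so response time stays similar.
        password_verify($password, password_hash('dummy', PASSWORD_BCRYPT, HASH_OPTIONS));
        return false;
    }
    // Step 2: verify in PHP; salt and cost are read from the stored hash.
    if (!password_verify($password, $hash)) {
        return false;
    }
    // Step 3: upgrade the stored hash if the cost setting was raised since.
    if (password_needs_rehash($hash, PASSWORD_BCRYPT, HASH_OPTIONS)) {
        $new = password_hash($password, PASSWORD_BCRYPT, HASH_OPTIONS);
        $pdo->prepare('UPDATE users SET pw_hash = ? WHERE username = ?')
            ->execute([$new, $user]);
    }
    return true;
}

register($pdo, 'alice', 'correct horse battery staple'); // constructed sample data
var_dump(login($pdo, 'alice', 'correct horse battery staple'));
var_dump(login($pdo, 'alice', 'wrong password'));
var_dump(login($pdo, 'nobody', 'whatever'));
```

Only one bcrypt computation runs per login attempt, regardless of how many rows the user table holds.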



Answer 3:

Yes, there are other types.

I recommend you use BCRYPT. It allows you to encrypt passwords in a one-way crypt. You won't be able to recover passwords; there's a function which lets you know if a given password is the same as a crypted one.

Cheers



Answer 4:

The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA2() instead. Also see RFC 2195, section 2 (Challenge-Response Authentication Mechanism (CRAM)), for more information about handling passwords and authentication securely in your applications.

http://www.sitepoint.com/forums/showthread.php?761789-MYSQL-s-password()-function-or-md5()