First and foremost, I want to iterate that I'm not asking how to HASH a password (such as salting / bcrypt / etc). For every other project I've done, I've always hashed / salted the passwords but in this case I need to regain the password temporarily.
Basically, I need to store a password in my DB and then have it be accessible again. In codeigniter (the framework I'm using), they use mcrypt as well as a key (which they suggest should be 32-characters long). Would this suffice?
EDIT:
The reason for asking: I need to be able to send out mission-critical sensitive PDFs to users and want to password protect them (ideally with the same password).
After a discussion with people on SO and off, I've come to the conclusion that you should NEVER encrypt a password and always hash / salt it. Think of how many people use the same password / email for different services. Therefore, I've come to the conclusion that IF you DO need to encrypt an item that you should use a separate PIN or other non-essential item.
However, even though I'm going to go the pin route and keep the passwords hashed, I still am very curious as to how you would theoretically go about this problem.
Yes, as long as you keep the SALT value secret.
UPDATE: seems people do not happy with simple answers. by using mcrypt extensions, you can encrypt your data with a specific secret value SALT. If people do not know the SALT, they can't decrypt the value.
Example:
<?php
define('SALT', 'whateveryouwant');
function encrypt($text)
{
return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SALT, $text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));
}
function decrypt($text)
{
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, SALT, base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
}
?>
Of course, if you want extra security, consider using Public Key Infrastructure.