In my web page, whenever someone creates a user account, a secret key would be generated for the 2nd Authentication(aka One-Time Password). An example of the generated key looks like this:"C9DR2VWVEE1SQXAR". Is it a bad move if I were to store this key as it is into the database, without hashing or salting or encrypting it? If so, what's a good way to store it php/mySQL?

Edit: I'm not looking for solutions for storing password, I'm asking about the secret key for the time-based OTP that is generated by the back-end. I don't see how it's linked to storing password, unless yo're telling me to store like a password.

0 Answers