This question already has an answer here:
In my web page, whenever someone creates a user account, a secret key would be generated for the 2nd Authentication(aka One-Time Password). An example of the generated key looks like this:"C9DR2VWVEE1SQXAR". Is it a bad move if I were to store this key as it is into the database, without hashing or salting or encrypting it? If so, what's a good way to store it php/mySQL?
Edit: I'm not looking for solutions for storing password, I'm asking about the secret key for the time-based OTP that is generated by the back-end. I don't see how it's linked to storing password, unless yo're telling me to store like a password.
</div>
