What method to encrypt passwords for storage in the database?

A

Alexander Lalikin2015-05-29 08:35:38

PHP

Alexander Lalikin, 2015-05-29 08:35:38

All textbooks and articles talk about md5, how relevant is it today?
Programming language - PHP.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

S

Sergej, 2015-05-29
@Lalikin

Not relevant md5.
https://php.net/manual/ru/function.password-hash.php
habrahabr.ru/post/194972

V

Vladimir Martyanov, 2015-05-29
@vilgeforce

Do you still encrypt or hash? If the second one is SHA1, SHA256, SHA512 it will do fine.

R

Roman Kitaev, 2015-05-29
@deliro

Forget about md5 and clean password hashing!
md5 is prone to collisions, and a password wrapped in md5 can be calculated in a couple of seconds using rainbow tables.
This thing here recommends using PBKDF2 with a minimum of 10,000 iterations (as of 2011). Better use more now.

I

ivlad, 2015-06-18
@ivlad

For php, you do not need to invent anything, you need to use ready-made libraries, for example, www.openwall.com/phpass