Password Hashing is one of the most used way of storing passwords in database. There are different ways/algorithms for generating hash of a text. The most popular ones are: MD5, SHA1, and Bcrypt. Each of these algorithms are supported in PHP.
In the article ‘Password Hashing In PHP’, Sandeep Panda explains in detail what Password Hashing is, How Hashing is done in PHP and the possibilities of going further using different algorithms.
Here is a basic MD5 hashing. Code snippet found on the article :
$password = $_POST["password"];
$password = md5($password);
Now taking to the next lexel, using SHA256 hashing. Code snippet found on the article :
$password = hash(“sha256″, $password);
To quote from the author ‘Sandeep Panda’ said:
An important security measure to follow is always hash your users’ passwords before storing them in your database, and use modern hashing algorithms like Bcrypt, sha256, or sha512 to do so. When you do, even if an attacker gains access to your database, he won’t have the actual passwords of your users.
Article: “Password Hashing In PHP” by Sandeep Panda
To conclude: Insightful article, I will definitely be using MD5 or SHA for personal projects. Used to set up basic accounts with Hashed passwords and etc.
- Robert Phan
