How to encrypt passwords – PHP

  php

Q(Question):

How to encrypt and decrypt password in php ? Is there any built-in function for encryption and decryption ? Help me friends..

A(Answer):

try PHP’s encryption functions. PHP: Cryptography Extensions

A(Answer):

md5() is probably the most popular and easy to use function. If you google "php encryption function" I am sure you will get your answers. Always try google first.

A(Answer):

@Viji nellaiappan

Use md5(Password) for Encryption or other wise please try it on google first.

A(Answer):

md5() is a hash and, therefore, will not be ‘decrypted’ (not easily, anyway). Passwords should be hashed. You should never need to see the actual password.

A(Answer):

I read somewhere (http://mail.python.org/pipermail/pyt…er/281621.html) that md5 and sha1 were weakened and I have seen 2 passwords bring the same output. As a result it is thought that sha256 was now the way to go.

http://uk.php.net/manual/en/function.hash.php

Try something like:


$lcPasswordEnc = hash("sha256", $lcPasswordRaw);

Hope that helps
nathj

A(Answer):

@nathj

This is true, although to varying degrees.

MD5 is a pretty weak algorithm compared to todays standards. It has been very popular in the past, which is part of the reason why it is so weak today. People have been trying to crack it for years, and some have succeeded at it.(Or come close to it at least.)
There are also huge on-line databases, listing popular passwords and their respective hashes, so in many cases, your MD5 hash doesn’t even need to be cracked. It can just be looked up.

SHA1 is much stronger, and is a much much better choice than MD5. Even tho it is not as strong as it’s bigger brother, SHA256, your SHA1 hashes won’t be cracked in a hurry. (Not yet, anyways)

SHA256 would be my choice. It’s pretty much impossible to crack today. (As far as I’ve read.) Aiming higher is currently not really worth it, would be a waste of space in most cases, although if your really paranoid, you could try SHA512.

And there are of course other algorithms, but SHA is pretty much the standard today. (See hash_algos for a list of algorithms)

LEAVE A COMMENT