<?xml version="1.0"?>
<rss version="2.0">
  <channel>
    <title>PHPDeveloper.org</title>
    <link>http://www.phpdeveloper.org</link>
    <description>Up-to-the Minute PHP News, views and community</description>
    <language>en-us</language>
    <pubDate>Tue, 18 Jun 2013 17:35:12 -0500</pubDate>
    <ttl>30</ttl>
    <item>
      <title><![CDATA[Mike Dalisay: Salt, Hash and Store Passwords Securely with Phpass]]></title>
      <guid>http://www.phpdeveloper.org/news/19427</guid>
      <link>http://www.phpdeveloper.org/news/19427</link>
      <description><![CDATA[<p>
On <i>Mike Dalisay</i>'s site there's a recent post showing how to use the <a href="http://www.openwall.com/phpass/">Phpass</a> library to <a href="http://www.codeofaninja.com/2013/03/php-hash-password.html#.UVziYKUm0sc.dzone">salt, hash and store password data</a> in your application.
</p>
<blockquote>
I think the main reason why we have to hash passwords is to prevent passwords from being stolen or compromised. You see, even if someone steals your database, they will never read your actual or cleartext password. I know that some PHP frameworks or CMS already provide this functionality, but I believe that it is important for us to know how its implementation can be made.
</blockquote>
<p>
His <a href="https://docs.google.com/file/d/0B-AInNrVeucKZGgzWThFdUNhNVk/edit?usp=sharing">sample application</a> stores the user data in a MySQL database and does the salting and hashing at the time of the request. It uses a hard-coded salt and a value of 8 for the stretching parameter (Phpass takes this as the base-2 logarithm of its iteration count). Note that a salt fixed in application code is shared by every account, so anyone who has the code can attack all of the stored hashes in one pass; a random per-user salt, which Phpass's own HashPassword() method generates for you, avoids that. Screenshots of each page in the example application are also included.
</p>
Link: http://www.codeofaninja.com/2013/03/php-hash-password.html#.UVziYKUm0sc.dzone]]></description>
      <pubDate>Mon, 08 Apr 2013 12:16:29 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[Andrew Podner: PHP 5.5 Preview: New Password Hashing API]]></title>
      <guid>http://www.phpdeveloper.org/news/19360</guid>
      <link>http://www.phpdeveloper.org/news/19360</link>
      <description><![CDATA[<p>
<i>Andrew Podner</i> has posted about the <a href="http://unassumingphp.com/php-5-5-preview-new-password-hashing-api/">password hashing functionality</a> that's coming with PHP 5.5 - how it will work and some of the benefits of its use.
</p>
<blockquote>
Recently PHP 5.5 was released into beta, which puts us one step closer to another release of PHP.  This week, I thought I would spend a little time explaining a new feature that will be implemented in 5.5 that will hopefully make dealing with passwords easier for developers to grasp and properly implement.  I cannot tell you the number of apps, even ones written within the last year or so, that I open up only to find either an md5 hash, or worse, clear text password storage.  I keep telling myself that eventually this will come to an end, and people will stop taking the easy way out.  Maybe PHP 5.5 will have made it so easy that there is simply no further excuse not to implement solid password hashing.
</blockquote>
<p>
He includes an example of the four new functions that come with the API: password_get_info, password_hash, password_needs_rehash and password_verify, along with the parameters each call takes and the output of the call that returns the hash's info. If you won't be able to move to PHP 5.5 when it's released, consider <a href="https://github.com/ircmaxell/password_compat">this compatibility library</a>, which provides the same interface and functionality on PHP 5.3.7 or greater.
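</p>
<p>
The register/login flow those four functions make possible, as an added example (this is not code from Podner's post): password_hash on registration, password_verify on login, password_needs_rehash to upgrade old hashes at the one moment the plaintext is available, and password_get_info to inspect what was stored. The $users array is a constructed stand-in for the users table, and the cost of 12 is an assumption to tune per server.
</p>

```php
<?php
// Added example, not code from Andrew Podner's post: a register/login flow built on
// the four PHP 5.5 password_* functions. On PHP 5.3.7-5.4 the same code runs with
// ircmaxell/password_compat loaded (require 'lib/password.php'). $users is a
// constructed in-memory array standing in for the users table.

const HASH_COST = 12; // bcrypt cost (assumed); raise it until password_hash() takes ~100 ms on your servers

function registerUser(array &$users, $username, $password)
{
    // password_hash() draws a random salt itself and embeds algorithm, cost and
    // salt in the returned string, so that string is the only thing to store.
    $hash = password_hash($password, PASSWORD_BCRYPT, array('cost' => HASH_COST));
    if ($hash === false) {
        throw new RuntimeException('password_hash() failed');
    }
    $users[$username] = $hash;
}

function loginUser(array &$users, $username, $password)
{
    static $dummyHash = null;
    if ($dummyHash === null) {
        $dummyHash = password_hash('not a real password', PASSWORD_BCRYPT, array('cost' => HASH_COST));
    }
    if (!isset($users[$username])) {
        // Unknown user: still spend one bcrypt verification so the response time
        // does not reveal which usernames exist.
        password_verify($password, $dummyHash);
        return false;
    }
    $stored = $users[$username];
    if (!password_verify($password, $stored)) {
        return false;
    }
    // The plaintext is in hand right now, so this is the moment to upgrade a hash
    // that was made with an older algorithm or a lower cost than HASH_COST.
    if (password_needs_rehash($stored, PASSWORD_BCRYPT, array('cost' => HASH_COST))) {
        $users[$username] = password_hash($password, PASSWORD_BCRYPT, array('cost' => HASH_COST));
    }
    return true;
}

// Usage
$users = array();
registerUser($users, 'alice', 'correct horse battery staple');
var_dump(loginUser($users, 'alice', 'correct horse battery staple'));
var_dump(loginUser($users, 'alice', 'wrong password'));
var_dump(loginUser($users, 'nobody', 'anything'));
print_r(password_get_info($users['alice']));   // algorithm name and the cost in use
```

<p>
Two things the API does not do for you: bcrypt only looks at the first 72 bytes of the password, so very long passphrases are silently truncated, and the cost should be re-checked whenever the hardware changes, since password_needs_rehash() only upgrades a user's hash on their next successful login.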
</p>]]></description>
      <pubDate>Mon, 25 Mar 2013 12:32:26 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[PHPMaster.com: Password Hashing In PHP]]></title>
      <guid>http://www.phpdeveloper.org/news/19031</guid>
      <link>http://www.phpdeveloper.org/news/19031</link>
      <description><![CDATA[<p>
On PHPMaster.com there's a new tutorial that wants to help you keep your application and users a bit safer - a <a href="http://phpmaster.com/password-hashing-in-php/">guide to password hashing</a> for PHP applications.
</p>
<blockquote>
You must always think about security. If passwords are stored in plain text, what happens if an attacker gains access to your database? He can easily read all of the users' passwords. That's why we use a technique called password hashing to prevent attackers from getting user passwords. In this article you'll learn how to store the passwords securely in the database so that, even if your database falls into wrong hands, no damage will be done.
</blockquote>
<p>
He starts off describing what password hashing is and why it's important (and better than its plain-text alternative). He gives examples of using some of PHP's built-in hashing functions to generate the hashes, starting with <a href="http://php.net/md5">md5</a>/<a href="http://php.net/sha1">sha1</a> (note, these are <b>not recommended</b>) and moving on to sha256, salted hashing and finally bcrypt via <a href="http://php.net/crypt">crypt</a>, the only one of these designed to be slow enough for password storage.
</p>
<p>
Be sure to check out the comments for other security concerns and links to suggested tools and resources.
</p>]]></description>
      <pubDate>Mon, 14 Jan 2013 11:57:32 -0600</pubDate>
    </item>
    <item>
      <title><![CDATA[Anthony Ferrara: Designing An API: Simplified Password Hashing]]></title>
      <guid>http://www.phpdeveloper.org/news/18768</guid>
      <link>http://www.phpdeveloper.org/news/18768</link>
      <description><![CDATA[<p>
A while back <i>Anthony Ferrara</i> proposed a standardized password hashing feature to be included in the core of PHP. It was <a href="https://wiki.php.net/rfc/password_hash">voted on</a> and accepted for the PHP 5.5 release. <i>Anthony</i> has <a href="http://blog.ircmaxell.com/2012/11/designing-api-simplified-password.html">written up a new post</a> talking about his process in making this upcoming feature and answering some of the most common questions he's gotten about it.
</p>
<blockquote>
The other day, <a href="http://www.php.net/archive/2012.php#id2012-11-15-1">PHP 5.5 Alpha 1</a> was released to the public for the first round of testing the new features that are coming out. One of those new features is the <a href="https://wiki.php.net/rfc/password_hash">Simplified Password Hashing API</a> that I proposed (and was accepted). I have received a lot of feedback and criticism of the new API in the months since it's been committed. I figured now that Alpha 1 is out and people can play with it, I should respond to some of those items, and give a little bit more insight into why it was built the way it was...
</blockquote>
<p>
He talks about some of his goals for the functionality (simplicity, something "the 99%" can use) and answers questions about:
</p>
<ul>
<li>Why the functions aren't namespaced</li>
<li>Why it's not just a class that can be included when needed</li>
<li>The choice of not going with an OOP interface</li>
<li>Why PBKDF2 and Crypt-SHA-512 aren't supported</li>
</ul>
<p>
...and several other questions, but you'll have to <a href="http://blog.ircmaxell.com/2012/11/designing-api-simplified-password.html">read the full post</a> for the rest of those. You can find out a lot about the API for this functionality from <a href="https://wiki.php.net/rfc/password_hash">its wiki page</a> and, if you'd like to try it out (in an alpha state), you can <a href="http://www.php.net/archive/2012.php#id2012-11-15-1">download this version of PHP</a> and compile it yourself.
</p>]]></description>
      <pubDate>Mon, 19 Nov 2012 12:42:22 -0600</pubDate>
    </item>
    <item>
      <title><![CDATA[Reddit.com: Login Security (Best Practices Recommendations)]]></title>
      <guid>http://www.phpdeveloper.org/news/18359</guid>
      <link>http://www.phpdeveloper.org/news/18359</link>
      <description><![CDATA[<p>
On Reddit.com there's a good conversation going on in the PHP category about <a href="http://www.reddit.com/r/PHP/comments/y4wuc/login_security/">login security</a> and best practices surrounding it.
</p>
<blockquote>
So I was handed an ancient project which was up to me to fix / improve. About a week later I am about done but there is 1 thing I left...Login security. As it is now, it's just md5(password) that's saved in the database. Better than nothing, but far from good enough. My plan was to have a constant pepper in the class which handles the logins, then do something like crypt(pepper . $password) to store it, since that should generate a random salt and is slower than sha1 / md5 / etc. I feel this should be safe enough, do any of you have any ideas on how to improve it (without non-standard extensions)?
</blockquote>
<p>
There are lots of <a href="http://www.reddit.com/r/PHP/comments/y4wuc/login_security/#comments">comments</a> so far and a lot of them follow the same line: replace plain md5 with a proper password hash, something like <a href="http://php.net/manual/en/function.crypt.php">crypt</a> with the Blowfish (bcrypt) algorithm, and some also suggest a keyed construction like <a href="http://php.net/manual/en/function.hash-hmac.php">HMAC</a>.
</p>]]></description>
      <pubDate>Tue, 14 Aug 2012 12:20:08 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[Oscar Merida's Blog: Using bcrypt to store passwords]]></title>
      <guid>http://www.phpdeveloper.org/news/18100</guid>
      <link>http://www.phpdeveloper.org/news/18100</link>
<description><![CDATA[<p>
<i>Oscar Merida</i> has a recent post to his blog about <a href="http://oscarm.org/2012/6/using-bcrypt-store-passwords">using the bcrypt functionality</a> to store your application users' password information more securely.
</p>
<blockquote>
<p>
The linkedin password breach highlighted once again the risks associated with storing user passwords. I hope you are not still storing passwords in the clear and are using a one-way salted hash before storing them. But, the algorithm you choose to use is also important. [...] The choice, at the moment, seems to come down to SHA512 versus <a href="http://en.wikipedia.org/wiki/Bcrypt">Bcrypt</a> encryption.
</p>
<p>
[...] I wanted to switch one of my personal apps to use bcrypt, which on php means using Blowfish encryption via the crypt() function. There's no shortage of classes and examples for using bcrypts to hash a string. But I didn't find anything that outlined how to setup a database table to store usernames and passwords, salt and store passwords, and then verify a login request.
</p>
</blockquote>
<p>
He shows you how to set up a simple "users" table and the code for a "save_user" method that takes in the username/password, generates a random salt and calls <a href="http://php.net/crypt">crypt</a> on it with the Blowfish prefix on the salt string ($2a$; PHP 5.3.7 and later also accept the $2y$ prefix, which was added to avoid a bug in the earlier $2a$ handling and is the one to use on those versions). His login check function ("validate_user") then takes the user's input, hashes it again with the salt read back from the stored value and compares the result.
</p>]]></description>
      <pubDate>Fri, 15 Jun 2012 10:52:41 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[Anthony Ferrara's Blog: Properly Salting Passwords, The Case Against Pepper ]]></title>
      <guid>http://www.phpdeveloper.org/news/17832</guid>
      <link>http://www.phpdeveloper.org/news/17832</link>
      <description><![CDATA[<p>
In <a href="http://blog.ircmaxell.com/2012/04/properly-salting-passwords-case-against.html">this new post</a> to his blog <i>Anthony Ferrara</i> looks at an idea that comes up regularly in discussions of password hashing in PHP: the global salt (or "pepper").
</p>
<blockquote>
The other day I <a href="http://blog.ircmaxell.com/2012/04/introducing-passwordlib.html">announced the release</a> of my new password hashing library, <a href="https://github.com/ircmaxell/PHP-PasswordLib">PasswordLib</a>. As I've come to expect, <a href="http://www.reddit.com/r/PHP/comments/s9r6f/introducing_passwordlib_a_library_for_hashing/">Reddit</a> was full of interesting commentary on the topic. Some was good, some was bad and some surprised me. What surprised me was the insistence on a global salt (otherwise known as a "<a href="http://barkingiguana.com/2009/08/03/securing-passwords-with-salt-pepper-and-rainbows/">pepper</a>"). So, I started thinking about it some more, and I figured I'd write a post on why I don't use peppers in my hashing algorithms (and why you may want to rethink it too).
</blockquote>
<p>
He starts with an explanation of what a salt is (and isn't) to lead naturally into the idea of a "pepper", a single value shared across an entire site/application and mixed into every password hash. He covers four flaws he sees in this approach:
</p>
<ul>
<li>There's no proof that using them increases your security.</li>
<li>There are no publicly vetted hashing algorithms that accept a pepper as an argument.</li>
<li>Using a block cipher instead of a pepper provides a stronger level of encryption and protection.</li>
<li>The entire concept of a pepper is based around a flawed premise. [...] The flaw in that premise is that it's often not just your database that's leaked.</li>
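</ul>
<p>
His third point, a keyed block cipher in place of a pepper, as an added example (this is not code from the post or from PasswordLib): the password is bcrypt-hashed with its own salt via password_hash(), the hash is then encrypted under a key kept outside the database, and rotateKey() shows what that buys you that a pepper folded into the hash cannot: the key can be changed by decrypting and re-encrypting every row, with no user having to log in again. The key values and the user record are constructed for the example; it assumes PHP 5.6 (for hash_equals) with the openssl extension.
</p>

```php
<?php
// Added example (not code from Anthony Ferrara's post or PasswordLib): hash with a
// per-user salt, then encrypt the hash under a key that lives outside the database.
// The keys below are constructed constants; in practice the key comes from an HSM,
// a KMS, or a file the web user can read but the database server cannot.
// Requires PHP 5.6+ (hash_equals) and the openssl extension.

function hashAndEncrypt($password, $key)
{
    $hash = password_hash($password, PASSWORD_BCRYPT, array('cost' => 12));
    return encryptValue($hash, $key);
}

function verifyEncrypted($password, $stored, $key)
{
    $hash = decryptValue($stored, $key);
    return $hash !== false && password_verify($password, $hash);
}

// Key rotation: no plaintext password needed, only the old and new keys.
function rotateKey($stored, $oldKey, $newKey)
{
    $hash = decryptValue($stored, $oldKey);
    if ($hash === false) {
        throw new RuntimeException('stored value does not decrypt under the old key');
    }
    return encryptValue($hash, $newKey);
}

// AES-256-CBC with a random IV, then HMAC-SHA256 over IV||ciphertext
// (encrypt-then-MAC) so a tampered row is rejected instead of decrypted.
function encryptValue($plain, $key)
{
    list($encKey, $macKey) = deriveKeys($key);
    $iv  = openssl_random_pseudo_bytes(16);
    $ct  = openssl_encrypt($plain, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    $mac = hash_hmac('sha256', $iv . $ct, $macKey, true);
    return base64_encode($iv . $ct . $mac);
}

function decryptValue($stored, $key)
{
    list($encKey, $macKey) = deriveKeys($key);
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < 16 + 16 + 32) {
        return false;
    }
    $iv  = substr($raw, 0, 16);
    $mac = substr($raw, -32);
    $ct  = substr($raw, 16, -32);
    $expected = hash_hmac('sha256', $iv . $ct, $macKey, true);
    if (!hash_equals($expected, $mac)) {
        return false;   // wrong key or modified row
    }
    return openssl_decrypt($ct, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
}

// Derive separate encryption and MAC keys from the one master key.
function deriveKeys($key)
{
    return array(hash_hmac('sha256', 'enc', $key, true), hash_hmac('sha256', 'mac', $key, true));
}

// Usage with constructed keys
$key1 = str_repeat("\x01", 32);
$key2 = str_repeat("\x02", 32);
$row  = hashAndEncrypt('hunter2', $key1);
var_dump(verifyEncrypted('hunter2', $row, $key1));
$row  = rotateKey($row, $key1, $key2);
var_dump(verifyEncrypted('hunter2', $row, $key2));
var_dump(verifyEncrypted('hunter2', $row, $key1));   // old key no longer works
```

<p>
The order matters: the slow, salted hash is what protects users when the key leaks together with the database (his fourth point), and the cipher layer is what protects them when only the database leaks. Neither layer is a substitute for the other.
</p>
<ul>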
</ul>]]></description>
      <pubDate>Wed, 18 Apr 2012 09:23:31 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[Shay Ben Moshe's Blog: Hashing Passwords Properly]]></title>
      <guid>http://www.phpdeveloper.org/news/16335</guid>
      <link>http://www.phpdeveloper.org/news/16335</link>
      <description><![CDATA[<p>
<i>Shay Ben Moshe</i> has a new post to his blog looking at a method he's come up with for <a href="http://blog.shay.co/hashing-passwords-properly/">hashing passwords the proper way</a> and saving them to a database for later checking. His tools of choice are <a href="http://php.net/crypt">crypt</a> and a random salt generator.
</p>
<blockquote>
The easy and common solution for this particular problem is to use a one-way hash function, such as md5 and sha1, which takes the password and encrypts it.
Unfortunately, this method is not as strong as you may think. [...] We can protect our password from rainbow tables and similar attacks by using salts.
</blockquote>
<p>
He talks about storing passwords in a database (never as plain text!) and what rainbow tables are and how they let an attacker recover poorly hashed values quickly. He shows how to generate a random salt and pass it to the <a href="http://php.net/crypt">crypt</a> function with the SHA-512 ($6$) prefix, so that each stored hash gets its own salt.
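</p>
<p>
The save-user and validate-user pair described here and in Oscar Merida's bcrypt post earlier on this page, as one added example serving both (it is not either author's code): crypt() with the Blowfish prefix for the first and with the SHA-512 prefix for the second, with a random salt generated per password and a comparison that does not leak timing. The $2y$ prefix is used in place of the $2a$ of Oscar's post, since PHP 5.3.7 introduced it to get around a bug in the older $2a$ handling; the user store is a constructed array in place of a database table, and the cost and rounds values are assumptions to tune per server.
</p>

```php
<?php
// Added example, not code from Oscar Merida's or Shay Ben Moshe's posts: save-user /
// validate-user built directly on crypt() for PHP 5.3.7+ (before password_hash()).
// Two salt formats are shown: Blowfish/bcrypt ($2y$, the fixed successor of the $2a$
// prefix) and SHA-512 crypt ($6$rounds=N$). In both cases crypt() embeds prefix,
// cost and salt in its output, so the single stored string is all a verifier needs.
// The user store is a constructed in-memory array standing in for the table.

const BCRYPT_COST   = 12;      // assumed: 2^12 Blowfish key-schedule iterations
const SHA512_ROUNDS = 100000;  // assumed: SHA-512 crypt rounds (allowed 1000..999999999)

function randomSaltChars($count)
{
    // crypt() salts use the alphabet ./0-9A-Za-z; base64 differs from it only in '+'.
    $raw = function_exists('random_bytes')
        ? random_bytes($count)
        : openssl_random_pseudo_bytes($count);
    return substr(strtr(base64_encode($raw), '+', '.'), 0, $count);
}

function bcryptSaltString($cost)
{
    return sprintf('$2y$%02d$%s', $cost, randomSaltChars(22));
}

function sha512SaltString($rounds)
{
    return sprintf('$6$rounds=%d$%s$', $rounds, randomSaltChars(16));
}

function hashPassword($password, $saltString)
{
    $hash = crypt($password, $saltString);
    // crypt() reports an unsupported or malformed salt with a short failure string
    // such as "*0" rather than by throwing, so the result length must be checked.
    if (strlen($hash) < 13) {
        throw new RuntimeException('crypt() rejected the salt or the algorithm is unavailable');
    }
    return $hash;
}

function verifyPassword($password, $storedHash)
{
    // Passing the stored hash as the salt makes crypt() reuse the prefix, cost and
    // salt embedded in it, so the two strings are directly comparable.
    $candidate = crypt($password, $storedHash);
    // Compare every byte regardless of where the first mismatch is, so response time
    // does not reveal how much of the hash matched (hash_equals() does this on 5.6+).
    if (strlen($candidate) !== strlen($storedHash)) {
        return false;
    }
    $diff = 0;
    for ($i = 0, $n = strlen($storedHash); $i < $n; $i++) {
        $diff |= ord($candidate[$i]) ^ ord($storedHash[$i]);
    }
    return $diff === 0;
}

function saveUser(array &$users, $username, $password, $useBcrypt = true)
{
    $salt = $useBcrypt ? bcryptSaltString(BCRYPT_COST) : sha512SaltString(SHA512_ROUNDS);
    $users[$username] = hashPassword($password, $salt);
}

function validateUser(array $users, $username, $password)
{
    return isset($users[$username]) && verifyPassword($password, $users[$username]);
}

// Usage
$users = array();
saveUser($users, 'alice', 'correct horse battery staple');   // bcrypt
saveUser($users, 'bob',   'Tr0ub4dor&3', false);             // SHA-512 crypt
var_dump(validateUser($users, 'alice', 'correct horse battery staple'));
var_dump(validateUser($users, 'bob', 'Tr0ub4dor&3'));
var_dump(validateUser($users, 'bob', 'wrong'));
var_dump(validateUser($users, 'carol', 'anything'));
```

<p>
Because the salt travels inside the hash string, there is no separate salt column to keep in sync, and a row copied to another system still verifies. The stored value, not the salt string you generated, is what must be passed back to crypt() on login: bcrypt canonicalises the last salt character, so the two can differ.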
</p>]]></description>
      <pubDate>Fri, 13 May 2011 08:47:42 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[PHP.net: Security Notice (wiki.php.net)]]></title>
      <guid>http://www.phpdeveloper.org/news/16087</guid>
      <link>http://www.phpdeveloper.org/news/16087</link>
      <description><![CDATA[<p>
On PHP.net there's a <a href="http://www.php.net/index.php#id2011-03-19-2">quick security advisory</a> for those who didn't see the news: the wiki.php.net machine was compromised, has been wiped, and all SVN accounts are being forced through a password change.
</p>
<blockquote>
The wiki.php.net box was compromised and the attackers were able to collect wiki account credentials. No other machines in the php.net infrastructure appear to have been affected. Our biggest concern is, of course, the integrity of our source code. We did an extensive code audit and looked at every commit since 5.3.5 to make sure that no stolen accounts were used to inject anything malicious. Nothing was found. The compromised machine has been wiped and we are forcing a password change for all svn accounts.
</blockquote>
<p>
The compromise came through a vulnerability in the wiki software combined with a Linux root exploit. <a href="http://www.theregister.co.uk/2011/03/21/php_server_hacked/">The Register</a> has additional comments about the issue and outage.
</p>]]></description>
      <pubDate>Wed, 23 Mar 2011 10:43:05 -0500</pubDate>
    </item>
    <item>
      <title><![CDATA[Joshua Thijssen's Blog: Password hashing and salting]]></title>
      <guid>http://www.phpdeveloper.org/news/15853</guid>
      <link>http://www.phpdeveloper.org/news/15853</link>
      <description><![CDATA[<p>
<i>Joshua Thijssen</i> has a new post to his blog looking at <a href="http://www.adayinthelifeof.nl/2011/02/02/password-hashing-and-salting/">password hashing and salting</a> - something that, really, should always be done to help protect your site's user information.
</p>
<blockquote>
Even though it is true in effect that using a salt increases the overall security of your hashes, it's not only because your passwords are longer. There is another (maybe even more important) factor that comes into play, namely the fact they are more secure against rainbow table attacks, but that depends on HOW you season your hashes. Season it incorrectly, and you gain nothing in security even though you think you did...
</blockquote>
<p>
He gets into the details of hashing your information, how such a hash can be broken and how salting helps reduce that risk. He also points out that rainbow tables and brute force can still break salted passwords, depending on how the salting is done. He recommends something other than a single site-wide salt: a different salt for each user, with the salt stored in plain text alongside the user record.
</p>]]></description>
      <pubDate>Thu, 03 Feb 2011 12:16:31 -0600</pubDate>
    </item>
  </channel>
</rss>
