PHPDeveloper: PHP News, Views and Community

Subscribe

@phpdeveloper.org

News Archive

Community News: Latest PECL Releases (09.10.2024)

Community News: Latest PECL Releases (09.03.2024)

Community News: Latest PECL Releases (08.27.2024)

Community News: Latest PECL Releases (08.20.2024)

Community News: Latest PECL Releases (08.13.2024)

Community News: Latest PECL Releases (08.06.2024)

Community News: Latest PECL Releases (07.30.2024)

Community News: Latest PECL Releases (07.23.2024)

Community News: Latest PECL Releases (07.16.2024)

Community News: Latest PECL Releases (07.09.2024)

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Andreas Gohr's Blog:
Working with Password Hashes in PHP

byChris Cornutt Jul 29, 2008 @ 17:57:43

Andreas Gohr has a general overview of hashing in a new post to his blog:

Every good programmer knows, that passwords should never be stored in clear text. Instead a one way hash (or digest) should be used. This way user passwords are not at risk in case of an intrusion.

He points out the multiple ways that PHP offers for both simple hashing (like md5 or sha1) and the true encryption types (like ssha, apr1 and crypt). He shows how they work in the DokuWiki application via a call to auth_cryptPassword to make it and db_get_hash/auth_verifyPassword to check against it.