Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Andreas Gohr's Blog:
Working with Password Hashes in PHP
Jul 29, 2008 @ 12:57:43

Andreas Gohr has a general overview of hashing in a new post to his blog:

Every good programmer knows, that passwords should never be stored in clear text. Instead a one way hash (or digest) should be used. This way user passwords are not at risk in case of an intrusion.

He points out the multiple ways that PHP offers for both simple hashing (like md5 or sha1) and the true encryption types (like ssha, apr1 and crypt). He shows how they work in the DokuWiki application via a call to auth_cryptPassword to make it and db_get_hash/auth_verifyPassword to check against it.

tagged: password hash encrypt method dokuwiki

Link: