Password hashing

Question

Password hashing

I am creating a web application that stores user passwords. I was wondering what are the best methods / algorithms a programmer can use for hash passwords?

+4

computer science

Jamal khan Aug 11 '11 at 16:19

source share

2 answers

This is a related article ... http://www.h-online.com/security/features/Storing-passwords-in-uncrackable-form-1255576.html

and he mentions this tool ...

http://www.openwall.com/phpass/

Maybe this will help you get some ideas ?!

Edit:

PHP 5.5 implements an API for secure password hashing!
For PHP> 5.3.7, there is already a set of functions for inject APIs into your scripts for secure password hashing .

+3

Eddy freddy Aug 12 '11 at 2:54

source share

Lukeh · Accepted Answer · 2011-08-11T16:22:28+0000

Key gain methods such as bcrypt or PBKDF2 are generally considered better than simple hashes because cracking them requires more resources. The disadvantage of this is that they also require more resources to generate and validate them; your resources.

No matter which algorithm you choose, always use salt that is appropriate for each user.

Password hashing

More articles: