What is the safest hashing method? (Php)

Question

What is the safest hashing method? (Php)

I just noticed that I have SHA512 in my PHP installation. Is it safer than SHA1? Is this the safest hashing method (I need for passwords, not for checking file integrity)?

+2

php hash

Happydeveloper Nov 27 '10 at 13:29

source share

4 answers

In response to @Buddy, speed is not your friend for hashing; the slower the better. If someone tries to reset the password, an algorithm that takes a lot of time will mean that hacking will take a lot of time.

+4

Matt asbury Apr 11 '12 at 9:18

source share

Sha512 is better .. I would also recommend using salt

Also see: PHP Secure Hash and Salt for Passwords

+3

Enrico pallazzo Nov 27 '10 at 13:33

source share

You can try "This Link" , this is a library for randomly generating salt hashes, one of the safest ways to hash passwords and user authentication.

0

Kiran Gopalakrishnan Dec 15 '15 at 3:54

source share

Happydeveloper · Accepted Answer · 2012-04-12T07:07:46+0000

I asked this question a long time ago.

The answer is to always use the algorithm that was developed for this and pass the time test.

Currently, this algorithm will be bcrypt (there are 2 more, but I do not remember their names). There are bcrypt implementations in each language, so just find one and use it. If computers continue to grow (which will weaken your hashes), you can increase the number of rounds used to slow down (scaled with hardware).

md5, sha1, sha512, etc .: they suck passwords. How much do they suck? You can use mid-length helmets in hours or even seconds with your laptop. And this is normal; they are not designed to protect passwords. They can still be used as cryptographic primitives, for example: you can implement bcrypt using md5.

What is the safest hashing method? (Php)

More articles: