Hashing on php is a good way to encode a string, especially for passwords. One big mistake is password stored in the database without being encrypted. So, When one gets access to the database, can login directly. Major used hash type of php are md5, sha236, sha512, sha1 is stronger between them. Md5 hashes can be cracked very fast due to big lists of password combinations.
It is recommended to decrypt md5, because there are many chances that your hash will get cracked, May be they have the md5 hash of your password stored into the database.
Best tips :-
Use salts
Use sha512
Strong password
Example of sha512
<?php echo hash('sha512', 'mypass'); ?>
It is better to use different combination of latters : ex: gA@2#j,J%19&
Salts :-
Slat is a combination of password and hash. This is the best method as the attacker.
Salting the password :-
<?php
$pass = "gj.mgat.5d%GA";
$salt = "wK5&.gdxmja,5";
$pass = $pass.$salt;
$pass = hash('sha512', $pass);
echo $pass;
?>
Salting the hash :-
<?php
$pass = "gj.mgat.5d%GA";
$salt = "wK5&.gdxmja,5";
$pass = hash('sha512', $pass);
$pass = $pass.$salt;
echo $pass;
?>
It is recommended to decrypt md5, because there are many chances that your hash will get cracked, May be they have the md5 hash of your password stored into the database.
Hashing Tips on PHP
Best tips :-
Use salts
Use sha512
Strong password
Example of sha512
<?php echo hash('sha512', 'mypass'); ?>
It is better to use different combination of latters : ex: gA@2#j,J%19&
Salts :-
Slat is a combination of password and hash. This is the best method as the attacker.
Salting the password :-
<?php
$pass = "gj.mgat.5d%GA";
$salt = "wK5&.gdxmja,5";
$pass = $pass.$salt;
$pass = hash('sha512', $pass);
echo $pass;
?>
Salting the hash :-
<?php
$pass = "gj.mgat.5d%GA";
$salt = "wK5&.gdxmja,5";
$pass = hash('sha512', $pass);
$pass = $pass.$salt;
echo $pass;
?>
0 comments:
Post a Comment