Friday, 10 May 2019

encryption - Best way encrypt password php (in 2017)




In my website I use md5 to crypt password user in my database (and store session user)




$pswUser = md5($_POST["password"]);


But I have just been told that this way of encrypting has become obsolete



I did some research to find out how to do it but most of the posts dates from two or three years ago
So what is the best way to encrypt password in 2017 ?



Thank you




Isn't duplicate discussion ...
Secure hash and salt for PHP passwords => 2009 ...


Answer



The password hash function in combination with password verify



https://secure.php.net/manual/en/function.password-hash.php
https://secure.php.net/manual/en/function.password-verify.php


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

php - file_get_contents shows unexpected output while reading a file

I want to output an inline jpg image as a base64 encoded string, however when I do this : $contents = file_get_contents($filename); print ...