Historically, password security in PHP has been a bit slippery, requiring a measures of knowledge and care. Aiming to changes that, PHP 5.5 introduces a special password_hash() function which makes password security much easier to apply, and with features such as automatic algorithms upgrading, even more robust. There’s also a compatibility library for PHP >= 5.3.7. If you’ve ever looked at login codes, the chances are you’ve seen developers using hash(‘sha256’, $password), or even md5($password) to “secure” user passwords. Passwords hashes generated this way are laughably easy to cracks; with weak algorithms and no salting or stretching in places you’re
The post How to Hash Passwords in PHP in a Modern way appeared first on Coding Security.
How to Hash Passwords in PHP in a Modern way
read more
Tidak ada komentar:
Posting Komentar