Most applications and websites today have a user registration system that requires storing usernames, passwords, and so on. An application developer should always store passwords securely and never in plain text. There are many ways to encrypt or hash passwords before storing them in the database, but which one should you use? The methods currently in use hash the password with algorithms such as MD5(), SHA1() and BCRYPT.
The MD5() and SHA1() methods are now considered weak. BCRYPT is currently considered the best algorithm to use for password hashing. However, implementing it correctly can be difficult prior to PHP 5.5. PHP 5.5 introduces a new Password Hashing API that makes it very easy to hash passwords with the BCRYPT algorithm.
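The following is an added example, not code from the original page: it uses the PHP 5.5 Password Hashing API to register and verify users with BCRYPT, and upgrades weaker stored hashes at login. The in-memory `$users` array, the `register()` and `login()` helpers, the cost of 12 and the assumption that legacy rows hold unsalted MD5 hex digests are all illustrative.

```php
<?php
// Constructed sample data: an in-memory stand-in for a users table.
$users = [];
$options = ['cost' => 12]; // assumed work factor; tune it to your hardware

function register(array &$users, $name, $password, array $options) {
    // password_hash() generates a random salt and embeds it, with the
    // algorithm and cost, in the returned string. Store that string as-is.
    $users[$name] = password_hash($password, PASSWORD_BCRYPT, $options);
}

function login(array &$users, $name, $password, array $options) {
    if (!isset($users[$name])) {
        return false;
    }
    $stored = $users[$name];
    $info = password_get_info($stored);

    if ($info['algoName'] === 'unknown') {
        // Not a hash produced by the API: treat it as a legacy MD5 hex digest
        // (assumed legacy format). hash_equals() requires PHP 5.6 or later.
        $ok = hash_equals($stored, md5($password));
    } else {
        // password_verify() reads the salt and cost back out of the stored hash.
        $ok = password_verify($password, $stored);
    }

    if ($ok && password_needs_rehash($stored, PASSWORD_BCRYPT, $options)) {
        // The plain-text password is only available now, so this is the
        // moment to replace a legacy or lower-cost hash with a current one.
        $users[$name] = password_hash($password, PASSWORD_BCRYPT, $options);
    }
    return $ok;
}

register($users, 'alice', 'correct horse battery staple', $options);
$users['bob'] = md5('hunter2'); // constructed legacy row
$users['carol'] = password_hash('s3cret', PASSWORD_BCRYPT, ['cost' => 10]); // older cost

var_dump(login($users, 'alice', 'wrong password', $options));
var_dump(login($users, 'bob', 'hunter2', $options));
var_dump(login($users, 'carol', 's3cret', $options));

// After a successful login every row reports bcrypt at the current cost.
foreach ($users as $name => $hash) {
    $info = password_get_info($hash);
    echo $name, ': ', $info['algoName'], ' cost ', $info['options']['cost'], "\n";
}
```

BCRYPT only uses the first 72 bytes of the password, and the stored hash is 60 characters long, so size the database column accordingly.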