PHP different one way hashes for password security
Get the solution ↓↓↓Solution:
Rather than that, you can use a stronger hashing algorithm like sha512
with combination of a strong salt andUserID
: Do it like this:
echo hash('sha512', 'MyPassword' . $StrongSalt . $UserID);
SHA512 is actually SHA-2 for which there are no collisions found. See at wikipedia.
Answer
Solution:
Nope. Combinations do not add any security.
Actually you made it less secure. Theoretically, but anyway.
I have a feeling that hashing issues are way overestimated.
Nobody concerns in any other security issue but everyone anxious to make a hash unbreakable in a billion years. Relax, buddy. There are thousands other ways to break your app.
Answer
Solution:
I guess adding a salt is enough, but if you want more maybe do:
sha1($salt. sha1($salt. $pass));
and let$salt
contain some non-printed chars, arbitrary binary data or anything like that.
Again, I guess this won't add much since implementation I saw only add $salt, but why not more security for the coming ages : )
Answer
Solution:
Your passwords will most likely, never be 100% secure.
Try looking at a nonce. Which should be generated for each individual user.
Answer
Solution:
IF you are going to do this, don't just MD5 the result:
$pass = "***";
$salt = "!@)#%%@(#&@_!R151";
$pass = sha1($pass.$salt);
$pass = md5($pass);
Instead, run md5 on the result and the inputs...
$pass = "***";
$salt = "!@)#%%@(#&@_!R151";
$tmp = sha1($pass.$salt);
$pass = md5($tmp . $pass . $salt);
The reason is that if you domd5(sha1())
, you're basically increasing the chances of collision. The reason is that allsha1
collisions would automatically be collisions in themd5
call (hence it's a superset of the collisions). By re-entering the password and salt, you're preventing that from happening, and hence creating a "stronger" hash rather than a weaker one...
Share solution ↓
Additional Information:
Link To Answer People are also looking for solutions of the problem: port 80 in use by "unable to open process" with pid 4!
Didn't find the answer?
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Similar questions
Find the answer in similar questions on our website.
Write quick answer
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.