Since PHP 5.5, password hashing has become the recommended way to encrypt and authenticate passwords. Learn how password hashing is more secure than using old encryption algorithms, such as SHA1 or MD5.
- Hi, I'm David Powers, and welcome to this week's edition…of PHP Tips, Tricks, and Techniques, designed to help you…become a smarter, more productive PHP developer.…If you've been using PHP for some time, you probably know…that you should never store passwords in plain text.…Quite simply, it's not secure.…For a long time, it was recommended that you encrypt…passwords with hashing functions, such as MD5 or SHA-1,…but as this page and the PHP online documentation explains,…MD5 and SHA-1 are unsuitable for passwords.…
Let's follow this link to see what it says.…Hashing algorithms such as MD5, SHA-1, and SHA-256,…are designed to be very fast and efficient.…With modern techniques and computer equipment,…it's become trivial to brute-force the output of these…algorithms in order to determine the original input.…In other words, it's easy to crack the encrypted password,…and this next session goes on to explain…what you should do instead.…To overcome the problem, PHP 5.5 introduced a native…password hashing API that handles the encryption…
Note: The exercise files are free to all members. The code is commented to enhance your learning, but you will need database connectivity for some files to run as intended.
Skill Level Intermediate
PHP: Managing Persistent Sessionswith David Powers2h 41m Intermediate
New this Week:
Creating a download link New9m 45s
1. Weekly Episodes
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.