$password=,md5(sha1($_POST['password']); -
Rasi
Feb 11 '17 11:54
bcrypt is good option bcrypt also use in Laravel authentication. -
kiran
Feb 11 '17 12:00
function MakeItSalty($password,$salt=''){
$encrypted_password=md5($password);//first level encryption
if($salt=='')$salt=mt_rand(1,10000);//salt
$encrypted_password=md5($encrypted_password.$salt);
return array($encrypted_password,$salt);
}
function veriftyAuthWithSalt($entered_password,$datbase_stored_encrypted_password,$datbase_stored_hash){
reutrn($datbase_stored_encrypted_password=MakeItSalty($entered_password,$datbase_stored_hash));
}
echo password_hash("password", PASSWORD_BCRYPT);
$hashed_password = crypt('password');
if (hash_equals($hashed_password, crypt($_POST['password'], $hashed_password))) {
echo "Password verified!";
}
include("PasswordHash.php");
// Base-2 logarithm of the iteration count used for password stretching
$hash_cost_log2 = 8;
// Do we require the hashes to be portable to older systems (less secure)?
$hash_portable = FALSE;
$hasher = new PasswordHash($hash_cost_log2, $hash_portable);
$hash = $hasher->HashPassword($pass);
if (strlen($hash) < 20){
echo "Not Hashed properly";
unset($hasher);
}
function getSeed(){
return $seed = md5(time());
}
function encyrpt($password){
$seed=getSeed();
$md5SaltedPass = md5(md5($password).$seed);
return array("seed"=>$seed,"salted_pass"=>$md5SaltedPass);
}
print_r(encyrpt("IlovePhp"));
function GenerateSalt()
{
list($usec, $sec) = explode(' ', microtime());
$seed = $sec + $usec * 1000000;
mt_srand($seed);
$salt = mt_rand();
return $salt;
}
$salt=GenerateSalt();
$md5SaltedPass = md5(md5($password).$salt);
// now store both salt and salted password.
//retrieve all salted password and salt from user databse
//suppose $user contain array of salted password and salt from user databse
foreach($user as $value ){
if($md5SaltedPass = md5(md5($userPassword).$value['salt'])==$value['md5SaltedPass ']){
// ok i passed
}
}
// get one record which have given email or username
if($md5SaltedPass = md5(md5($userPassword).$user_database_value['salt'])==$user_database_value['md5SaltedPass ']){
//ok i passed
}