Encrypt Password is must important in php to secure your site password.In this post we discuss about password encryption with md5(), sha1(), & password_hash() Functions…
What is password encryption method?
PHP encryption is important to the privacy and safety of your data. In practical terms, PHP encryption uses algorithms (sometimes called hashing algorithms) to translate the “clear” data into encrypted text that requires very specific decryption processes to “decode” the data back to the clean version.
md5() Function :
The md5() function uses the RSA Data Security, Inc. MD5 Message-Digest Algorithm. From RFC 1321 – The MD5 Message-Digest Algorithm: “The MD5 message-digest algorithm takes as input a message of arbitrary length and produces as output a 128-bit “fingerprint” or “message digest” of the input.
md5() Example :
<?php
$str = "Hello";
echo md5($str);
?> Output :
8b1a9953c4611296a827abf8c47804d7sha1() Function :
The sha1() function uses the US Secure Hash Algorithm 1. From RFC 3174 – The US Secure Hash Algorithm 1: “SHA-1 produces a 160-bit output called a message digest. The message digest can then, for example, be input to a signature algorithm which generates or verifies the signature for the message.
sha1() Example :
<?php
$str = "Hello";
echo sha1($str);
?>Output :
f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0password_hash() Function :
What is password_hash?
password_hash() creates a new password hash using a strong one-way hashing algorithm. The following algorithms are currently supported: PASSWORD_DEFAULT – Use the bcrypt algorithm (default as of PHP 5.5. 0). Note that this constant is designed to change over time as new and stronger algorithms are added to PHP.
password_hash() Example :
<?php
$str = "Hello";
echo password_hash($str , PASSWORD_DEFAULT);
?> Output :
$2y$10$f9JApn/0fEAfG.wDgjayrem6d/2X6QLDrgJVwdiMUnu/MccX5bdIWWhy encryption is important for data protection?
Main advantage of this function Secure Data From Hackers, Encryption is a basic, but important component of any application because it allows you to securely protect data that you don’t want anyone else to access.
How does Mysql Encrypt PHP Passwords?
MySQL doesn’t store passwords as plaintext but rather as a hashed value calculated by the Password() function. Using the Password() function to encrypt passwords is acceptable, but you can use more potent encryption methods. PHP MySQL password encryption docs explicitly state that Password() should only be used to manage passwords for MySQL internal accounts. Whenever we create a new user account using the CREATE USER command, MySQL takes the IDENTIFIED BY value and runs it through the Password() function behind the scenes. For that purpose, they recommend going with something a little more potent like SHA1 or Hash() and a random salt per Password to generate their rainbow tables based on the common salt. That ought to be strong for most purposes.
Reference : Click Here
