This is my current password hashing procedure in PHP / SQL projects ...
- Take 512 bits of one user fraction from / dev / urandom stored in the user database entry in addition to the final hash
- Take the 512 bit pepper from / dev / urandom, which is stored on the file system. This is constant for each application and the same for each user.
- Then
hash('sha512', $password.$salt.$pepper, TRUE)
The hash and salt are stored in binary format in the database, mostly out of habit. I do not think this has any security implications. If something is a little less convenient for SQL backups and makes the PHP code a little more complicated.
Is hash() with SHA-256 or SHA-512, which are believed to have been surpassed by bcrypt these days?
I believe that SHA-2 (256/512) is still considered cryptographically secure, and I will probably overdo the entropy bits. Most likely, this will be an error in my code, which will lead to problems than an attacker reconstructing the SHA-2 hash from a database dump.
But do I need to update my methodology to use crypt() instead of CRYPT_BLOWFISH (I believe this is called bcrypt, and blowfish is technically an encryption algorithm, not a hash)?
Even as the best best practice?
I'm not particularly worried about the computational expense of the algorithms (within reason). This would ever be a factor when creating accounts, changing passwords, or when logging in when you haveh the comparison. These actions make up a small percentage of page views. I guess the slower the better, if it makes the server work harder, then it will make the attacker work slower than brute force.
Greetings, B
source share