PHP Securitywise Why is md5 no longer considered safe?

Question

PHP Securitywise Why is md5 no longer considered safe?

For a long time as a php developer, I used the md5 hash algorithm to protect password data and create unique hash algorithms.

However, from the last few months I have heard rumors that md5 is no longer considered safe, I like to know why?

What are the alternatives for password authentication, i.e. SHA1, password_hash () in PHP 5.5? And I like to know why these alternatives are considered the best choice now for several days, because for me most of them are again another hashing algorithm ...

+4

security php

mahen3d Mar 03 '14 at 6:09

source share

2 answers

. ( , ), - , = .

SHA-256/SHA-512 - , , , , . , , , .

+1

jhmckimm 03 . '14 6:17

Shankar Damodaran · Accepted Answer · 2014-03-03T06:11:25+0000

- `research studies` , `md5()` , !

....

enter image description here

password_hash() PHP 5.5, crypt() , .

password_hash(), PHP

<?php
$options = [
    'cost' => 12,
];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options)."\n";
?>

crypt, BLOWFISH

if (CRYPT_BLOWFISH == 1) {
    echo 'Blowfish:     ' . crypt('rasmuslerdorf', '$2a$07$usesomesillystringforsalt$') . "\n";
}

EDIT :

`md5()`?

, MD5, SHA1 SHA256, . , " " , . - , "" , .

`password_hash()` PHP 5.5?

. , . PHP 5.5 API , password_hash(), .

Source

PHP Securitywise Why is md5 no longer considered safe?

- research studies , md5() , !

md5()?

password_hash() PHP 5.5?

More articles:

- `research studies` , `md5()` , !

`md5()`?

`password_hash()` PHP 5.5?