Sunday, December 27, 2009

The Art of Password Protection in PHP

While I was working on some algorithm on PHP earlier on, I began to thought about the methods of password protection when I was still a novice in PHP, till now where I stand. Here's a little bit on how I went through the stages of password protection.

The Art of Password Protection, MD5, SHA1, Salting, php code

Of course my website wasn't hack and I wasn't that bad NOT to hash the password at all. When I started off building my first website, betaPod, I actually used MD5 for password to be hashed. Afterwhich, I learnt about how MD5 passwords can be rainbow-tabled and cracked, and came to know about what is called salting.

Then when I thought that if salting is not enough, I came up with positions of the salt based on the password entered, which makes the hash very unique and secured.

You can definitely use the code in the image.

No comments: