The14thGOD Posted March 22, 2010 Share Posted March 22, 2010 Ok, I know I'm probably opening myself up to 'read the manual' or 'google' but I have and am still confused or finding things from 2001. (Sorry, this seemed to be the best area to put this in, I was looking for a 'general' category but didn't see one.) What is the current best encryption? I used to use md5 but I hear that's not very secure. I've seen people say sha512 or AES. Can anyone enlighten me (link articles if you wish). I'm only securing passwords for a private site, but I'm looking to learn more. This is a side project I'm doing to kill time. I plan to use salt(s) to also help in a method I read and it sounded good. Option was basically a random salt in the database as well as a salt not in the db (each user has their own salt as well as a site wide one). Though I'm not sure if that's just unnecessary or pointless? Also I was wondering what the best field to store a database in? When people store cookies, do they store your password in them? (I'm hoping to keep the user logged in when they come back the next day or something.) Thanks for any and all help, Justin Quote Link to comment https://forums.phpfreaks.com/topic/196178-encryption/ Share on other sites More sharing options...
Jax2 Posted March 22, 2010 Share Posted March 22, 2010 Here's a good example: http://www.webcheatsheet.com/php/md5_encrypt_passwords.php Quote Link to comment https://forums.phpfreaks.com/topic/196178-encryption/#findComment-1030240 Share on other sites More sharing options...
salathe Posted March 22, 2010 Share Posted March 22, 2010 Hashes are "digests", not "encryption" (Source) Quote Link to comment https://forums.phpfreaks.com/topic/196178-encryption/#findComment-1030244 Share on other sites More sharing options...
dstar101 Posted March 23, 2010 Share Posted March 23, 2010 I would suggest you using SHA for hashing password. SHA can not be decrypt because it is one way only.Instead of decrypting SHA you need to compare it And it works good for password protecting site.MySQL also comes with SHA(),MD5() and other fucntions Quote Link to comment https://forums.phpfreaks.com/topic/196178-encryption/#findComment-1030358 Share on other sites More sharing options...
simn_stv Posted March 23, 2010 Share Posted March 23, 2010 md5 and sha1 hashes are probably not 100% secure, but what is ever 100%??... using appropriate salts for your hashes could be suitable for the app ure working on. Of the 2, i'd go with sha as it has a larger bit length (160 i think) compared to md5 (128-bits) and as a result more secure, "for some definition of security" ; )... Quote Link to comment https://forums.phpfreaks.com/topic/196178-encryption/#findComment-1030391 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.