otuatail Posted February 2, 2012 Share Posted February 2, 2012 Hi I have used md5 encription on my websites for security. Passwords for example. Also passing information between pages also. I have been seing on some websites that require email validatin the following ... ?id=CJmEifn7tM_l2gEQy8yKxLyc0MBa&hl This is not md5 is this a new and more secure encription? Seems to have upper and lower case as well as other symbols. TIA Desmond. Link to comment https://forums.phpfreaks.com/topic/256261-md5-encription/ Share on other sites More sharing options...
scootstah Posted February 2, 2012 Share Posted February 2, 2012 Two things. 1. MD5 is not encryption, it is hashing. There's a big difference. 2. MD5 is not secure for storing passwords. That just looks like a randomly generated string, nothing special. Link to comment https://forums.phpfreaks.com/topic/256261-md5-encription/#findComment-1313693 Share on other sites More sharing options...
otuatail Posted February 2, 2012 Author Share Posted February 2, 2012 Ok it is probably random generated and is used as a forgot password kind of thing. As for MD5 is not secure for storing passwords What I do is MD5() the password into the database and use that for every log in. It is not realy encription but will fail for an invalid password. Also my passwords are not words now. they can be sentances with spaces and any key but still MD%() into the database. This should be ok shouldent it? Link to comment https://forums.phpfreaks.com/topic/256261-md5-encription/#findComment-1313717 Share on other sites More sharing options...
ManiacDan Posted February 2, 2012 Share Posted February 2, 2012 No, that's what we're saying. MD5 is not secure for storing passwords. You should use the crypt function with a salt. Link to comment https://forums.phpfreaks.com/topic/256261-md5-encription/#findComment-1313725 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.