How to encrypt passwords?

How to encrypt passwords?

You may just tried to search how to encrypt password or how to encrypt password

Please read this article complete at the end of article you will get complete idea for methods you should use for encryption.

Directly saving password as it is , it’s not good for security purposes.

That’s why People started using MD5 algorithm.
Although it encrypts your passwords.but each time you generate hash it gives same value. hackers may use bruteforce attack to generate similar password. this why using MD5 algorithm is not good idea.

See this is how MD5 works

$password='TechUpdates.live';
$hashed_password=MD5($password);

echo $hashed_password;

After executing above program you may get below output

bf2e7c9367bad389a942735c7bf34ef2 

Then what should you use?

You can use password_hash() function . becuse each time it will generate new hash. and it’s not easy to attack on these types of password hashing mechanism.

if you are trying to implement this Please make sure that column of password has length of 60 digits. Unless you will definitely stuck in errors.

How to Implement?

<?php
/*Here techupdates.live is your password which you want to encrypt*/
echo password_hash("TechUpdates.live", PASSWORD_DEFAULT);

?>

Then output will be

$2y$10$TRMbEQEbnP9BvVRGjPPVMuRCnGDYuzwdCdzY18BDNSQjmev90dVmm

If execute again the O/P will change again see

 $2y$10$kMsTTBn1dUWt8J7XLMLfseXvgsrhnkpQDx6ilbqSZhglxpECgKQAG 

Nobody able to decrypt these passwords.

So you might have question , then how you are going to verify users? . Php provides password_verify() function . which returns boolean O/p.

For verification we will take user input of password in variable and do following

$input_password='TechUpdates.live';

 /*This will be password entered by your user*/

/*Now will get password hash from database */

$password_hash='$2y$10$kMsTTBn1dUWt8J7XLMLfseXvgsrhnkpQDx6ilbqSZhglxpECgKQAG';


/*Now will use password_verify() */

$isValid=password_verify($input_password,$password_hash);

if($isValid())
{
   echo 'Login successful';
}
else
{
   echo 'failed to login';
}

Output:

 Login successful 

This is how it works 🙂

If you have any question,complaint,suggestion,feedback on the above or any content published over website , kindly contact us.

Leave a Reply