Hey, Guys, we all know that md5 is not secure enough and easy to crack as there are many tools online to get the original password by just putting the hash, and if somebody has access to the database then hacker can easily get access to all of the user accounts even if your password is hashed using md5. So it’s very very unsafe to use md5 password hashing method. So I am going to tell you the Best Password Hashing/Encryption in PHP.
But what should we use to be more secure?
Well the PHP has a solution to it as in version 5.5.0 they’ve launched the function called password_hash, so by this built-in PHP function we can encrypt password in a more secure way as whenever the user enters a password it generates a long random string consists of integers and Alphabets upper and lower case both and different types of special characters to add more security in it so using this function we can add more security to the website.
Here is the Example of the password_hash function.
This will output a string like this –
So as you can see it is pretty awesome.
NOTE: Your output may be different as it generates random string every time.
and now you are thinking that how to verify the password in the login system when we need to ensure hat password of a particular user is correct or not. So don’t worry PHP has a solution for that too
Code to verify the password using the password_verify function.
So password_verify is a function that helps us to verify that the password is correct or not.
So the password_verify function needs 2 parameters
- password entered by the user.
- password hash stored in the database
So here is the example of this function.
So using the password hash you can verify the password of the user and make a more secure login system.
But there is a small problem.
If we are using PHP version 5.3, then how will we use it? Don’t worry you can still use it as their is an awesome library (password_compact) available, so that we can use all the password encyption method before PHP version 5.5, so yoi can download the library here – password_compact
and just include the password.php file in the libs folder in your project –
So by this simple way you can use it below 5.5 version of php.
And that’s pretty much it. let me know in the comment below that it is intresting or not and if yes please leave a comment and subscribe to the blog for future updates via email.