+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=11)
+--- Thread: [Help] Secure Password Hashing Algorithm (/showthread.php?tid=62145)
[Help] Secure Password Hashing Algorithm - atom - 06-13-2015
Hello,
I have this lines of code:
Code:
$password = $_POST['password'];
$salt = '$2a$07$R.gJb2U2N.FmZ4hPp1y2CN$';
$encrypted_password = crypt($password, $salt);It successfully stores the encrypted password in my database and I also used that same line of code in LogIn but it wasn't working.
Do you guys know how to compare the password from login to password that was stored in the database?
Thanks in advance.
RE: [Help] Secure Password Hashing Algorithm - jithinjohnygeorge - 06-13-2015
Use password_verify () method.
code
Code:
password_verify ($password,$hash)RE: [Help] Secure Password Hashing Algorithm - isabella - 06-17-2015
Why don't you use SHA1 built-in hash function for password encryption?That is one of the best secure solution.
RE: [Help] Secure Password Hashing Algorithm - JayAdra - 06-17-2015
(06-17-2015, 04:16 AM)isabella Wrote: Why don't you use SHA1 built-in hash function for password encryption?That is one of the best secure solution.
SHA1 is not secure. Don't use it. Use Bcrypt instead.
RE: [Help] Secure Password Hashing Algorithm - mwhitney - 06-17-2015
Use PHP's password_hash() (which currently uses BCrypt, but may be updated in the future to support other algorithms). That page also includes a link to a library which adds support for the password_ functions for PHP versions prior to 5.5, if needed.