PHP用另一种方式散列密码安全性 [英] PHP different one way hashes for password security

问题描述

我想知道使用不同的可用方法及其组合来在PHP中对密码进行哈希处理，以提高安全性. 我想知道这是否行得通..?

I was wondering to hash the password in PHP using different methods available and the combination of them for more and more security. I was wondering if this would work..?

$pass = "***";
$salt = "!@)#%%@(#&@_!R151";
$pass = sha1($pass.$salt);
$pass = md5($pass);

推荐答案

相反，您可以使用更强大的哈希算法(如 sha512 )，并结合使用强盐和UserID:这样做:

Rather than that, you can use a stronger hashing algorithm like sha512 with combination of a strong salt and UserID: Do it like this:

 echo hash('sha512', 'MyPassword' . $StrongSalt . $UserID);

SHA512实际上是SHA-2，没有发现冲突.请参见维基百科.

SHA512 is actually SHA-2 for which there are no collisions found. See at wikipedia.

这篇关于PHP用另一种方式散列密码安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！