Ask Question
SignIn

    Icons

    Questions

    Snippets

How can we encrypt password using PHP?

There are several ways to encrypt passwords in PHP, but one of the most widely used and secure methods is using the password_hash() function. This function uses the bcrypt algorithm to generate a secure, encrypted hash of the password, which can be stored in a database.

Example

<?php
$password = "secret123";

// Create a hash of the password
$hash = password_hash($password, PASSWORD_BCRYPT);

// Store the hash in a database

...

// Verify a password
$password_attempt = "secret123";

if (password_verify($password_attempt, $hash)) {
    echo "Password is valid.";
} else {
    echo "Invalid password.";
}
?>

Using Md5

<?php
$password = "secret123";

// Create an md5 hash of the password
$hash = md5($password);

// Store the hash in a database

...

// Verify a password
$password_attempt = "secret123";

if (md5($password_attempt) == $hash) {
    echo "Password is valid.";
} else {
    echo "Invalid password.";
}
?>

In this example, the md5() function is used to create a hash of the password secret123. The resulting hash can then be stored in a database.

When a user attempts to log in, the md5() function is used to generate a hash of the entered password, and the resulting hash is compared to the hash stored in the database. If the two match, the user is granted access.

Note - This method is not secured because md5 creates one hash for one string. This means, you can easily guess password.

Using Crypt

<?php
$password = "secret123";
$salt = "salt-value-here";

// Create a crypt hash of the password
$hash = crypt($password, "$2y$10$".$salt);

// Store the hash in a database

...

// Verify a password
$password_attempt = "secret123";

if (crypt($password_attempt, $hash) == $hash) {
    echo "Password is valid.";
} else {
    echo "Invalid password.";
}
?>

In this example, the crypt() function is used to create a hash of the password secret123 using the bcrypt algorithm and the specified salt value. The resulting hash can then be stored in a database.

When a user attempts to log in, the crypt() function is used to generate a hash of the entered password, and the resulting hash is compared to the hash stored in the database. If the two match, the user is granted access.

It's important to use a strong and unique salt value for each password to prevent dictionary and rainbow table attacks. Additionally, it's recommended to use a secure algorithm like bcrypt for password encryption.

kabeer
kabeer

Added  Feb 02, 02:26 pm

Article tags

More Articles

How to create pagination in Php?
Get client system information in php
Get mac address of client machine using php
Php network functions
Difference between setinterval and settimeout
How can i print only time in C++?
How can I create a dynamic URL in HTML?
How can we write Koppa in Unicode?
How to set cookie in php for when browser session end?
How do you make an SVG animation loop in html?
×
SignUp with Email
X