PHP’s approach to password hashing has quite a history. These methods still litter the tutorials and guide new developers down dangerous paths. Let us take a look at the history so you know where you stand. Even though this post is for PHP, this history may still affect you.
Bad: Raw Password Storage
The first method was just to store the user’s password in plain text just like the user entered it. It was easy; the user would enter their password, and you would just compare the two passwords. If they matched, you were done.
The Issue: If a hacker gets access to your database or somehow gets a user’s password to print out on the screen then it’s over.
Bad: Encrypting Passwords
The next way a developer might think about storing passwords is by encrypting them. The developer takes the user’s new password encrypts it and saves that to the database. When the user goes to login again, you simply take the encrypted password out decrypt it, compare it and success.
The issue: This is still reversible, and the hacker can still decrypt the passwords to what the user entered if the database is hacked. The user, hacker, and even you as the developer should never be able to see the password after it is saved.
Continue reading “PHP 5.5+ Secure Password Hashing”