Tools
PassCrypto
Use this tool to generate hash values (message digests) using a variety of Hashing Algorithms.
Why should I hash passwords supplied by users of my application?
Password hashing is one of the most basic security considerations that must be made when designing
any application that accepts passwords from users. Without hashing, any passwords that are stored in
your application's database can be stolen if the database is compromised, and then immediately used
to compromise not only your application, but also the accounts of your users on other services, if
they do not use unique passwords.
By applying a hashing algorithm to your user's passwords before storing them in your database, you
make it implausible for any attacker to determine the original password, while still being able to
compare the resulting hash to the original password in the future.
It is important to note, however, that hashing passwords only protects them from being compromised
in your data store, but does not necessarily protect them from being intercepted by malicious code
injected into your application itself.
Why are common hashing functions such as MD5, SHA1, and SHA256 unsuitable for passwords?
Hashing algorithms such as MD5, SHA1 and SHA256 are designed to be very fast and efficient. With
modern techniques and computer equipment, it has become trivial to "brute force" the output of
these algorithms, in order to determine the original input.
Because of how quickly a modern computer can "reverse" these hashing algorithms, many security
professionals strongly suggest against their use for password hashing.
How should I hash my passwords, if the common hash functions are not suitable?
When hashing passwords, the two most important considerations are the computational expense, and the
salt. The more computationally expensive the hashing algorithm, the longer it will take to brute
force its output.
In the case of PHP, PHP provides a native password hashing API that safely handles both hashing and
verifying passwords in a secure manner.
Another option is the crypt() PHP function, which supports several hashing algorithms in PHP 5.3 and
later. When using this function, you are guaranteed that the algorithm you select is available, as
PHP contains native implementations of each supported algorithm, in case one or more are not
supported by your system.
The suggested algorithm to use when hashing passwords is Blowfish, which is also the default used by
the password hashing API, as it is significantly more computationally expensive than MD5 or SHA1,
while still being scalable.
Note that if you are using the PHP crypt() function to verify a password, you will need to take care
to prevent timing attacks by using a constant time string comparison.
What is a salt?
A cryptographic salt is data which is applied during the hashing process in order to eliminate
the possibility of the output being looked up in a list of pre-calculated pairs of hashes and their
input, known as a rainbow table.
In more simple terms, a salt is a bit of additional data which makes your hashes significantly more
difficult to crack. There are a number of services online which provide extensive lists of
pre-computed hashes, as well as the original input for those hashes. The use of a salt makes it
implausible or impossible to find the resulting hash in one of these lists.
How do I store my salts?
When using a hashing function, the return value includes the salt as part of the generated hash.
This value should be stored verbatim in your database, as it includes information about the hash
function that was used and can then be given directly to hashing function when verifying passwords.