Hello guest, welcome to Friendosphere, the community can't wait for your contribution.

What is the best or most secure way to hash passwords in PHP?

+1 vote
asked Dec 21, 2016 in PHP by DanielTheGeek Q & A Ninja (1,310 points)
We all know md5() and other archaic hashing functions are no longer safe for password hashing. What I want to know is the list of PHP hashing algorithms based on the level of security.

1 Answer

+2 votes
answered Dec 22, 2016 by jpmoriarty Friendospherian (310 points)
bcrypt() is one I use more often
commented Dec 22, 2016 by DanielTheGeek Q & A Ninja (1,310 points)
I also mainly use bcrypt through PHP password_hash() method but what I want is a list of other hashing functions available and their security flaws (if any).
commented Jan 5, 2017 by Okwyee Q & A Ninja (610 points)
I found some useful info related to this  here https://crackstation.net/hashing-security.htm.
Complicated stuff
commented Aug 18, 2017 by DanielTheGeek Q & A Ninja (1,310 points)
Yes, according to Crack Station...bcrypt should be used as the hashing algorithm. In PHP, you can achieve this using the password_hash function and passing PASSWORD_BCRYPT as the hashing algorithm.