I'm no cryptanalyst, but that method is rather weak, because the default hash algorithm used is a modified version of DES and DES can be cracked with relatively inexpensive hardware in a short time: given that non-modified DES was cracked in 1998 by EFF Deep Crack in 22 hours, cracking or finding a collision for this modified version shouldn't be that difficult.
Furthermore, the crypt manpage (the function PHP is wrapping on *nix systems) reports:
Warning: The key space consists of 2**56 equal 7.2e16 possible values.
Exhaustive searches of this key space are possible using massively parallel computers. Software, such as crack(1), is available which will search the portion of this key space that is generally used by humans for passwords. Hence, password selection should, at minimum, avoid common words and names.
Instead, use SHA-512 and perform multiple hashing rounds with:
```php
// Take advantage of mcrypt extension if it is installed!
// Otherwise, generate $salt in any other way, but don't use a fixed one
$salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
$hash = crypt($password, '$6$rounds=10000$' . $salt . '$');
echo $hash;
```
SHA-512 with enough rounds is considered an industrial standard for password hashes in the *nix land, with mcrypt_create_iv providing a good (in the sense of entropy) $salt.
Final notice: make sure you use a proper salt and generate a different one for each user.
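
The scheme described in the answer above, as an added example that is not the answerer's code: it creates a fresh salt per user, verifies in constant time, and flags legacy DES hashes for replacement. It assumes PHP 7 or later and uses random_bytes() in place of mcrypt_create_iv(), since the mcrypt extension was removed from PHP core in 7.2; the function names are hypothetical.

```php
<?php
// Added example; function names are hypothetical, not from the original answer.
const SHA512_ROUNDS = 10000; // same cost as in the answer above

// Build a fresh 16-character salt from the crypt alphabet [./0-9A-Za-z].
function make_salt(): string
{
    // 12 random bytes encode to exactly 16 base64 characters, with no '=' padding.
    return strtr(base64_encode(random_bytes(12)), '+', '.');
}

function hash_password(string $password): string
{
    $setting = '$6$rounds=' . SHA512_ROUNDS . '$' . make_salt() . '$';
    $hash = crypt($password, $setting);
    // crypt() signals failure with a short string such as "*0"; never store that.
    if (strlen($hash) < 20 || strncmp($hash, '$6$', 3) !== 0) {
        throw new RuntimeException('SHA-512 crypt is not available');
    }
    return $hash;
}

function verify_password(string $password, string $stored): bool
{
    // The stored hash carries its own scheme, rounds and salt, so it doubles
    // as the setting string. hash_equals() compares in constant time.
    return hash_equals($stored, crypt($password, $stored));
}

// True when the stored hash is not SHA-512 crypt at the current cost
// (for example a 13-character traditional DES hash) and should be
// replaced after the user's next successful login.
function needs_rehash(string $stored): bool
{
    $prefix = '$6$rounds=' . SHA512_ROUNDS . '$';
    return strncmp($stored, $prefix, strlen($prefix)) !== 0;
}

// Constructed sample values.
$alice = hash_password('correct horse');
$bob   = hash_password('correct horse');
var_dump($alice !== $bob);                        // same password, different salts
var_dump(verify_password('correct horse', $alice));
var_dump(verify_password('wrong guess', $alice));
var_dump(needs_rehash($alice));                   // current scheme
var_dump(needs_rehash(crypt('correct horse', 'ab'))); // legacy DES hash
```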