Is this a good way to encrypt passwords in PHP?

Asked Nov 04 '15 at 21:00

Active Nov 04 '15 at 21:43

Viewed 32 times

$encrypted_pass = hash("sha256", $password. "randomSalt");

If not, what is a very good method to encrypt PHP passwords (without having to install additional plugins or modules, so I prefer simple methods)?

Thanks.

edited Nov 04 '15 at 21:43

Artjom B.

asked Nov 04 '15 at 21:00

5

No it isn't. Use the [password_hash](http://php.net/manual/en/function.password-hash.php) functions, which were specifically designed for this purpose. – r3mainer Nov 04 '15 at 21:07
I'm voting to close this question as off-topic because it is asking for [a code review](http://codereview.stackexchange.com/help/on-topic) – Quentin Nov 04 '15 at 21:44
2

And traditionally: hashing != encryption – zerkms Nov 04 '15 at 21:49
If you're unclear on cryptography concepts, [start here](https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded). – Scott Arciszewski Nov 05 '15 at 15:45

0 Answers0