I'm using bcrypt locally since xampp has PHP 5.3 but online my hosting account only has PHP 5.2. Is there a good alternative I can use which works for 5.2?
I think i should update and improve this answer, because i learned a lot about password hashing in the last years.
PHP version 5.5 will provide a convenient way to use BCrypt, for PHP version 5.3.7 and above there exist a compatibility pack. Please have a look at this answer.
For PHP versions before 5.3 it is recommended to use the phpass library, they support PHP back to version 3.
I'm using bcrypt ... Is there a good alternative I can use which works for 5.2?
See Openwall's PHP password hashing framework (PHPass). Its portable and hardened against a number of common attacks on user passwords. The guy who wrote the framework (SolarDesigner) is the same guy who wrote John The Ripper and sits as a judge in the Password Hashing Competition. So he knows a thing or two about attacks on passwords.
Check out the Mcrypt PHP extension. It's been around for a long time and has several different algorithms. bcrypt appears to just be a Blowfish wrapper. You could just as easily use PHP's crypt() function, and pass the appropriate salt to force the function to use Blowfish:
// crypt($plaintext, $salt);
// How you define $salt determines the encryption algorithm used
$hash = crypt('PASSWORD', '$2a$12$Some22CharacterSaltXXO');
echo $hash;
// Output would be $2a$12$Some22CharacterSaltXXO6NC3ydPIrirIzk1NdnTz0L/aCaHnlBa
The PHP manual page (linked above) has the explanation of why the password salt looks the way it does in my example above. The $2a$ tells PHP to use Blowfish, the 12$ is a cost modifier; a number between 04 (yes, it has to be 2 digits) and 31 that (I believe) effects the number of iterations the hashing mechanism uses. As you can see, the salt is included in the output from the call to crypt(), so when you need to check something against the hash you need to retrieve the hash first (from the file or database where it's stored) to pull out the salt.
It depends on where and what you store your passwords for.
For a online website (with users etc+) i would done this:
$hash = "jr38028(/#Fjg4i4g438h9)(#Hhhf3,..;uh#F)8";
$hashed = sha1($hash . $PASSWORD . $hash); // where $PASSWORD is the variable thats holding the password.
echo $hashed; // shows the hashed password.
Edited after doing something wrong. Forgot to hash inside function, also changed to sha1 instead of md5. And haters, love you too <3
Related
I'm a fairly new developer and I want to ensure that I'm making the right decisions with regards to security. According to my research, it appears I should use a salted bcrypt hashing algorithm for my passwords. According to PHP 7's documentation, the password_hash functionality does exactly this. I don't even have to figure out a way to make my own salt as salting is included in password_hash. This seems like a simple correct answer to password hashing for PHP 7. However, simple correct answers are often wrong. What are the pitfalls of PHP's default password hashing library?
Most answers about PHP password hashing conclude that I should use password_hash/password_verify. However, my question is closer to 'how should I use them?' or 'what should I be aware of when using them?'
Seems you are looking for confirmation, so yes the password_hash() function is definitely the way to go, you can't do any better with a normal PHP installation. This function is future proof and can change the algorithm should this become necessary, while keeping backwards compatibility with existing hashes.
What you should do is:
Use the function with the parameter PASSWORD_DEFAULT, this allows to switch the algorithm in future. Have a look at the example below.
Store the hash in a database field of type varchar(255), so future algorithms can store their hashes as well.
Make sure you are working with a PHP version 5.3.7 or higher, so the function produces hashes with the identifier $2y$ (and not $2a$).
Example:
// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = password_hash($password, PASSWORD_DEFAULT);
// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);
What I used to do:
$salt = md5(time().rand(0,9999999).rand(0,100000));
$hashed_password = sha1($salt.$_REQUEST["newpassword"].sha1($salt));
$query = "update users set password=:hashed_password, salt=:salt where uid=:uid";
And then to check the password
if ($mysql_row["password"]==sha1($mysql_row["salt"].$_REQUEST["loginpassword"].sha1($mysql_row["salt"]))) loginsuccess = true;
Now I find out that this is an unsafe way to store passwords because sha1() is crap, so I decided to use crypt(). I'm not using password_hash() and the compatibility pack because I sometimes have to move a site to another server that has a different (sometimes older) PHP and I want the hashes/passwords generated on later PHP versions to still work on servers with the earlier PHP versions.
So crypt() says I can do something like
$salt = md5(time().rand(0,9999999).rand(0,100000));
$hashed_password = crypt($_REQUEST["newpassword"],$salt);
$query = "update users set password:hashed_password where uid=:uid"; // doesn't save salt
and then to check the password:
if (crypt($_REQUEST["loginpassword"], $mysql_row["password"]) == $mysql_row["password"]) $loginsuccess = true;
So my questions are:
Do I really not have to store the salt anywhere when using crypt()? Is crypt($something,$somethingelse)==$somethingelse always true when $something==$somethingelse ? (now I realize I could've just started with this question)
Am I right that hashes generated with the compatibility pack on newer PHP versions may not be the same as those generated on older PHP versions, so in effect making generated passwords incompatible between different versions of PHP? If so, why is it called a "compatibility" pack?
I realize I could test most of this, but when it comes to security I'd rather have an expert opinion.
No, it can vary from server to server; it depends on the available algorithms. password_hash allows you to specify the algorithm.
See 1. password_hash is compatible with crypt.
There is one more problem with your code:
Your salt generation is not random enough. rand is not very good. mt_rand is slightly better, openssl_random_pseudo_bytes is good, password_hash is recommended (but you know this).
I'm using CodeIgniter, and am creating a section of the site where users need to be logged in. I have been reading about storing passwords as MD5 Hashes and encrypted strings with salts, but I don't see anything about decryption.
Is it efficient/safe to encrypt password attempts the same way they were encrypted when they were stored to check for validation?
Is this the recommended way of storing passwords in a php application or using the CodeIgniter Framework?
There are already auth libraries "ready to go" (out of box one might say), here is a link to another question that is similar to this one
http://www.stackoverflow.com/questions/346980/how-should-i-choose-an-authentication-library-for-codeigniter
note I like Tank Auth with "groups".
CodeIgniter uses a library called "Tank Auth": http://konyukhov.com/soft/tank_auth/
It includes the class "PasswordHash.php": http://bit.ly/1gahwtT
Example code:
require "PasswordHash.php";
define("phpass_hash_portable",TRUE);
define("phpass_hash_strength",8);
$hasher = new PasswordHash(phpass_hash_strength,phpass_hash_portable);
if ($hasher->CheckPassword($password_to_check, $original_encoded_password)) {
echo "password correct";
} else {
echo "password incorrect";
}
the two comments on your answers shows links to good answers, to add more.if you're just into hashing,You can also use crypt. note crypt is different from mcrypt fooled me once. An example of crypt can be found on laravel3 Hash class. or you can also use php pass,a library that utilizes OpenBSD-style Blowfish-based bcrypt.
Add thanks to cryptic, ircmaxell also has a hashing library check it out here
Do not use md5 or base64. Sha1 is also broken. Its better to use bcrypt.
You can use this library with codeigniter to verify the bcrypt passwords
The passwords are stored in hashed format because in most cases it is not needed to restore them to the original string. The md5 function generates a unique 32 letter long string that can be verified by just comparing two hashes. To answer your question:
Yes this is a standard way of saving passwords.
MD5 is no longer secured enough so most people are starting to use the php hash
function with algorithm 'sha512' and salt of course.
this function may be use full to u..
$this->load->library('encrypt');
$this->encrypt->sha1($yaourpassword);
I was looking about best practice for password protect, everybody are talking about bcrypt and others hashing classes. But I can't get how To verify password if it contains unique random salt .
For cookies its fine, but without em - each time would be unique crypted value, how can I verify users password with random values? Oo . Or bcrypt only for cookies?
Then what I should do with password in db?
Please describe to me my mistakes - what I've lost when learning about it.
The bcrypt algorithm creates a random salt that is stored as part of the hash in a standardised way.
See How do you use bcrypt for hashing passwords in PHP? for a working example.
See also:
Secure hash and salt for PHP passwords
(edited heavily since my answer was wrong before)
There will be a group of function in the next php version, for details see the accepted RFC.
Anthony, the author of the RFC and the patch was kind enough to provide a compatibility library written in php so you can start using this new functionality now!
Behind the scenes it uses crypt with the strongest algorythm currently known.
I am working on a script and need to save passwords. For development purposes, I have been using the crypt() function because it was easy and available. Now that I am mostly done, I want to replace it with something a little better and more consistent.
Some of the concerns I have are:
not all algorithms are supported on every system
sometimes the salt is pre-pended to the result (seems like a security problem)
I want something that works with PHP 4.3+.
Is there anything available, or should I stick with crypt()? I thought about using md5(md5($password).$salt). Thanks for the insight.
There is nothing wrong with crypt
If your server does not support it, use another server.
You should NEVER use MD5 for hashing passwords (or even SHA1 for that matter)
Use either bcrypt (the blowfish method of crypt) or pbkdf2
There is an implementation of pbkdf2 here:
Encrypting Passwords with PHP for Storage Using the RSA PBKDF2 Standard
More information on why and how here:
Which password hashing method should I use?
Do any security experts recommend bcrypt for password storage?
First of all: Prepending the salt is not a security problem. Having a per-password salt is a big goodie, and it's perfectly OK to it being store alongside the pw.
Now: As long as you don't transport password hashes from one system to another, and the latter not supporting the default algorithm of the first, nothing bad will happen by definition. Since PHP 5.3 there are built-in algorithms in PHP such as Blowfish, that are guaranteed to be available.