Common password methods

nimasdj · April 29, 2014, 2:30pm

However nowadays only password_hash is recommended and nothing else, but i need a list of common password methods that are still in use. md5, sha1 and what else?

felgall · April 29, 2014, 7:21pm

The only password method that has ever been created is password_hash.

md5, sha1 etc are for checking the integrity of documents to ensure that they are unchanged from when the hash was created as any change will result in a completely different hash. Any use of a hash for purposes other than file integrity is making use of it for a purpose other than what it was intended for.

A lot of people also misuse the plain text method for storing passwords (or possibly rot13).

nimasdj · April 29, 2014, 7:36pm

I know. But these hash functions are still used for password. I need to know the answer of my original post for stats/research purposes.

felgall · April 29, 2014, 10:10pm

There wouldn’t be any way of knowing what is being used except in some of the cases where the password security is breached. Anywhere using a secure variant or an incecure one that no one had attacked yet would not provide any means for telling what was being used.

Mittineague · April 29, 2014, 10:34pm

Sorry if I’m missing something, but wasn’t this adequately covered in your other threads?
mcrypt
password_needs_rehash
regexp for password_hash

What is it specifically you’re still struggling with?

Topic		Replies	Views
What's Your Prefered Hashing Method PHP	23	5972	October 8, 2014
Updating Password Hash Method PHP	14	3663	March 5, 2016
MD5() and SHA-1 PHP replacement? PHP	7	2659	June 7, 2015
Hashing password! PHP scripts	5	1132	March 4, 2016
Which php and MySQL password hashing PHP	18	7583	September 12, 2022

Common password methods

Related topics