-
[Resolved] ?? vs md5()
Is there any other type of encryption, besides md5()?
I have a guy using one of my scripts that's paranoid someone will crack his password and insists that md5() is easy to crack (although he hasn't shown me proof).
So what are your thoughts? What do you use?
-
PASSWORD() is another level of encryption, dont think its better than MD5 though.
-
The folks over at GalahTech gave me few ideas.
-
please share, if you don't use salt or md5() what other choices do you have unless you make your own.
and besides I never heard anybody crack md5() as it is one way only. 128bit is like 100+ years to crack.
-
They suggested something along the lines of:
Code:
function passenc($password) {
$password .= "jk4swq1";
$password = md5(md5($password));
return $password;
}
Or something.
-
It is probably a good thing to note that I sent this guy a md5'ed string and told him to tell me what it originally was. I said that if he could crack it and tell me what it said, then I would try to implement stronger encryption in the software.
He hasn't responded to me yet, and that was a few weeks ago. So it's likely that he's full of it.
-
doing a double md5() pretty sneeky :)
it even says in the manual that md5() is one way only. I do believe you are right, that guy is full of it, and it isn't php :p
show him the manual where it says that.