0
I read a couple of articles about the encryption md5 should no longer be used, since it is not considered safer (also pudera, in 5 minutes I enter a any website and break such a password). I have been looking for other means of encryption and have heard of crypt(), I don’t think he’s so safe compared to what I’m about to say.
Li that article and I found the methods very interesting (in particular the SHA-512), but the same is 2010, these means of encryption remain the best or already exist higher?
Remembering that my focus is to encrypt passwords.
References
Articles I based on asking that question:
For some reason I think this should be at the finish line, even so, I’ve been using mcrypt_encrypt. But it’s been a while since I needed to do an important comic, from what I’ve read, sha256/512 is the way forward :)
– MoshMage
I don’t know if exactly duplicated, but maybe you can find your answers here How to hash passwords securely
– abfurlan
@abfurlan, I read the answer to the question you linked and clarified a lot of things. I will choose to use the
bcrypt, until someone suggests something against.– Rafael Almeida
I marked it as duplicate, just to create a link between the questions.
– abfurlan
I believe I am duplicate yes. You don’t "encrypt" passwords (or at least shouldn’t, unfortunately I see a lot of that going around...), you "hash". It is all explained in the linked question. MD5 is yes "broken" for most applications, but not all (e.g.: can still be used to test file integrity, or perhaps as part of an HMAC), and not always for the same reasons (collisions are not important in case of password hash, slowness yes).
– mgibsonbr
Thank you guys, I marked it as a duplicate. Just one thing, I read this topic in a forum: http://goo.gl/e2VKBh. It says that the
bcryptis not safe. As it turns out then?– Rafael Almeida
You managed to find the answer?
– sergioBertolazzo