Can someone point me to a good PHP/MySQL salted hashed password implementation?

后端未结

关注

 8  718

感情败类 2021-02-06 07:33

After reading about salts password hashing Id like to implement a simple version for an admin area to a site Im building.

If you have any good links with code that have

8条回答

北荒 (楼主)

2021-02-06 07:49

There are so many ways you can create a salt string, but i think you don't need to think a lot about your salt strength.

I hash passwords like this

$hash = sha1(strlen($password) . md5($password) . $salt);

I think its the best performance between speed, and "security".

function salt($lenght = 9) {
    $numbers = '0123456789';
    $chars = 'qwertzuiopasdfghjklyxcvbnm';

    $password = '';
    $alt = time() % 2;
    for ($i = 0; $i < $length; $i++) {
        if ($alt == 1) 
        {
            $password .= $chars[(rand() % strlen($chars))];
            $alt = 0;
        } else 
        {
            $password .= $numbers[(rand() % strlen($numbers))];
            $alt = 1;
        }
    }
    return $password;
}

0 讨论(0)

查看其它8个回答