Securely hash passwords - so much conflicting advice!

Question

I\'m reading so much conflicting advice as to how to store passwords securely. All I know for sure is not to use MD5! I\'ve seen people advocate using PHP\'s bcrypt

Answer 1

You can use sha256. A good thing to do is to add extra information to the password such as username, userid, or some other data to it. This way, if someone hack your database, it will be impossible to use an existant hash database to find the password. They will have to crack the password starting from zero.