Passwords storage, hash() with sha-512 or crypt() with blowfish (bcrypt)?

Question

This is my current password hashing procedure in PHP/SQL projects...

• Take 512bits of per-user salt from /dev/urandom, stored in the user\'s DB record in additi

Answer 1

If you can wait til php 5.5, there will be some helpful functions for this built in:

https://gist.github.com/3707231

Till then, use crypt - you could look at this forward compatible port of the new functions:

https://github.com/ircmaxell/password_compat