I'm using PHP's crypt function for password hashing/encryption, but I don't think I am doing it right because "nathan12" and "nathan123" both allow me to log
The standard DES-based crypt() [...] only uses the first eight characters of str, so longer strings that start with the same eight characters will generate the same result (when the same salt is used).
source
Use a salt that starts with $ to use something other than DES. See the crypt() documentation for details.
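
The truncation described above, and the effect of a salt that starts with $, shown as an added example that is not part of the original question or answer. The salts, the helper name same_hash() and the use of password_hash()/password_verify() for the login check are assumptions chosen for illustration; the fixed salts are constructed only so both calls hash with the same salt.

```php
<?php
// Added example: compares DES-based crypt() with bcrypt for the two
// passwords from the question. Salt values are constructed for the demo.

// Hypothetical helper: hash both candidates with the same salt and
// compare the results in constant time.
function same_hash(string $a, string $b, string $salt): bool
{
    return hash_equals(crypt($a, $salt), crypt($b, $salt));
}

// A two-character salt selects standard DES.
$desSalt = 'ab';

// A salt starting with "$2y$" selects bcrypt: "$2y$", a two-digit cost,
// "$", then 22 characters from ./0-9A-Za-z.
$bcryptSalt = '$2y$10$abcdefghijklmnopqrstuv';

// DES reads only the first eight characters, so "nathan12" and
// "nathan123" produce the same hash and either one passes a login check.
echo 'DES collision:    ';
var_dump(same_hash('nathan12', 'nathan123', $desSalt));

// bcrypt reads the whole password (up to its own 72-byte limit),
// so the two passwords no longer hash to the same value.
echo 'bcrypt collision: ';
var_dump(same_hash('nathan12', 'nathan123', $bcryptSalt));

// In a real login flow, let PHP generate a random salt per password and
// store the full hash string; password_verify() reads the algorithm,
// cost and salt back out of it.
$stored = password_hash('nathan123', PASSWORD_BCRYPT);

echo 'short password accepted: ';
var_dump(password_verify('nathan12', $stored));

echo 'full password accepted:  ';
var_dump(password_verify('nathan123', $stored));
```

Hashes already stored with a DES salt cover only the first eight characters of each password, so they need to be replaced the next time each user logs in with the correct password.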