Doubt about Cryptography in passwords [duplicate]

Question

Doubt about Cryptography in passwords [duplicate]

Navigation

#1 by (0 votes)

0

I would like to know the difference between MD5 and SHA256 in passwords. If there is a more secure one and when and when it is better to use one or the other.

php md5 login sha-256 password

asked by anonymous 29.03.2018 / 16:48

1 answer

How to filter result from another page with Jquery Load () or Get ()? Select set of values inside a LINQ query

score 0 · Answer 1

Both are hashing algorithms, however MD5 is currently considered broken, that is, its use is not recommended.

SHA256 is a bit safer than MD5 and SHA1 (also considered broken), but also not ideal for use in passwords. One of the main reasons is because SHA256 as well as MD5 are meant to be fast and are quite vulnerable to rainbow tables.

Currently one of the solutions is to use a slow algorithm and preferably use a salt. PHP from version 5.6 natively supports BCRYPT and if I am not mistaken from version 7.2 it also supports ARGON2 which are excellent algorithms for hashing of passwords.

To use them, there are the password_hash () and password_verify () functions.

link