douxing8855 2017-02-08 18:11
浏览 16
已采纳

密码哈希PHP 7 [关闭]

I am currently learning PHP and I have been looking through the forum for current thinking on how best to Hash passwords in PHP.

Can anyone advise on what is currently the best password hashing method to use. I have been told about PHPass, but are there better alternatives in 2017?

Thank you for any advice,

Ian

  • 写回答

1条回答 默认 最新

  • donglipi4495 2017-02-08 18:12
    关注

    You should never encrypt passwords, you should only hash them. Encryption implies that you can decrypt the password into a human readable form. You should never do that. Hashing is a one way street and once hashed a password cannot be recovered in human readable form.

    Please use PHP's built-in functions password_hash() and password_verify()to handle password security. If you're using a PHP version less than 5.5 you can use the password_hash() compatibility pack. Make sure you don't escape passwords or use any other cleansing mechanism on them before hashing. Doing so changes the password and causes unnecessary additional coding.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 高价求中通快递查询接口
  • ¥15 解决一个加好友限制问题 或者有好的方案
  • ¥15 关于#java#的问题,请各位专家解答!
  • ¥15 急matlab编程仿真二阶震荡系统
  • ¥20 TEC-9的数据通路实验
  • ¥15 ue5 .3之前好好的现在只要是激活关卡就会崩溃
  • ¥50 MATLAB实现圆柱体容器内球形颗粒堆积
  • ¥15 python如何将动态的多个子列表,拼接后进行集合的交集
  • ¥20 vitis-ai量化基于pytorch框架下的yolov5模型
  • ¥15 如何实现H5在QQ平台上的二次分享卡片效果?