This question already has an answer here:
- Secure hash and salt for PHP passwords 14 answers
I was just reading a post to create a login system and while reading I saw about password hashing.
We are going to store an sha256 hash which is a string always containing 64 characters.
This article is teaching to use sha256 hash function. After reading this, I did not stop and started to search more about creating secure login system and then I came up with this article by wikiHow. In this article, they are using sha512 hash function. This really confused me that which function am I going to use for my next login system. I still searched google for better article and found this article by crackstation. The writer recommends both sha256 and sha512.
Only cryptographic hash functions may be used to implement password hashing. Hash functions like SHA256, SHA512, RipeMD, and WHIRLPOOL are cryptographic hash functions.
I thought my search is over and I can use sha256
or sha512
function but while searching more I found this SO Question. The accepted answer by Robert K had new things for me. The things about I have never heard before which is bcrypt and scrypt.
All this stuff was written about 2 to 4 years ago.
Question
Which is the best password hashing algorithm used these days for PHP?
</div>