16

In my website I use md5 to crypt password user in my database (and store session user)

$pswUser = md5($_POST["password"]);

But I have just been told that this way of encrypting has become obsolete

I did some research to find out how to do it but most of the posts dates from two or three years ago So what is the best way to encrypt password in 2017 ?

Thank you

Isn't duplicate discussion ... Secure hash and salt for PHP passwords => 2009 ...

Improve this question
1
  • 1
    Most answers including the two highest voted on the linked question (duplicate) are actually still current. Commented May 9, 2017 at 17:41

1 Answer 1

Reset to default
31

The password hash function in combination with password verify

https://secure.php.net/manual/en/function.password-hash.php https://secure.php.net/manual/en/function.password-verify.php

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.