PHP, WEB

How to secure passwords in PHP

We are going to use sha1 algorithm(build-in php function), md5 algorithm(build-in php function) and salt to secure the password.
 

1
2
3
4
5
function securePassword($plaintext)
{
    $salt = substr(md5(uniqid(rand(), true)), 0, 8);
    return sha1($salt . sha1($salt . $plaintext));
}

Testing it:

1
echo securePassword('my_password');

IMPORTANT!
If you would like to use the above function to secure your passwords before storing them into database, don’t forget to store salt value also into database.