Hunter Fuller
Reputation: 3
What password one-way hash should I use in PHP when bcrypt is unavailable?
I have to deploy a php app for a client, but his server doesn't support bcrypt. I have no way to change this. What should I use instead of bcrypt to hash the user's passwords?
Upvotes: 0
Views: 197
Answers (1)
gahooa
Reputation: 137252
bcrypt is ideal for password hashing because it is slow, in addition to other useful properties.
Using SHA256, or even SHA1 with an appropriate salted value should do the job quite well for most password-hashing-purposes.
--
See also: http://www.openwall.com/phpass/
Upvotes: 1
Related Questions
- PHP Login with bCrypt Hashed Passwords
- PHP - hashing passwords with bcrypt
- how to use correctly bcrypt php class
- Convert sha1 to bcrypt?
- PHP password_hash() / bcrypt
- Password Hashing, BCrypt to SHA1/MD5
- Which implementation of bcrypt is recommended for PHP 5.3?
- Hash passwords with bcrypt in the database or in php code?
- How to handle BCrypt hashed passwords?
- How to use bcrypt with php for password authentication?