user1846065

Why does PHP have two password hashing functions?

I've been doing some reading on password hashing lately, and I've found that PHP has two password hashing functions: password_hash() and crypt().

crypt() looks more versatile and configurable and is what I personally use, but I've read that password_hash() is better even though it only takes two arguments and only uses one algorithm.

Can someone please inform me of any major differences between these two functions, or if one is more secure than the other when used correctly? If there's no real difference, then can someone explain to me why there are two functions that appear to do the same thing, only one is better at it?

Upvotes: 2

Views: 137

Answers (2)

Mike

Reputation: 24393

There are 2 main differences between plain crypt and password_hash. It is also worth mentioning that password_hash uses crypt in its implementation, so we're basically comparing a car motor (crypt) to an entire car (password_hash) here.

The first difference between the two would therefore be that crypt is ONLY for calculating the hash. You have to do everything else on your own. There are three things that you will have to implement on your own:

  • Generating a salt
  • Verifying the hash
  • Determining whether you need to re-hash (optional, but recommended)

With password_hash, unless you specify a salt (which you shouldn't do unless you really know what you're doing), it will generate the most secure salt available on your OS. Salt generation is probably the most complicated part and the part that can most easily be done wrong without you even knowing you're doing it wrong. crypt is needed for verifying the hash, but again, you have to make your own implementation. Even the man page on php.net gets it wrong. Compare that to password_verify() and you will see it's not just a simple == that should be done for hash verification.

Secondly, crypt allows you to create bad hashes using obsolete hash types. As of the time of writing, password_hash only uses bcrypt; however, using password_hash with PASSWORD_DEFAULT will always guarantee you will be hashing using the strongest recommended and available hash. crypt, in providing flexibility, also allows the programmer more room to make mistakes in choosing the wrong hash type, and unless you constantly monitor security warnings, you may not even know that what you are doing is wrong or that (perhaps) a new and stronger hashing algorithm has been implemented in PHP. password_hash in that sense will be future-proof unless you force it not to be. It wouldn't surprise me that in the next few years when scrypt is built into PHP, it will be made the new default algorithm in password_hash as well.

So in summary, always use password_hash(). And if you don't have php >= 5.5 download Ircmaxell's compatibility pack.

Upvotes: 2
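The three manual steps the answer above lists (salt generation, verification, the re-hash decision), placed beside the password_hash() / password_verify() / password_needs_rehash() calls that do them for you, as an added PHP example that is not part of either answer. It assumes PHP 7.0 or later (for random_bytes() and hash_equals()) and uses hash_equals() for the comparison the answer says must not be a plain ==.

```php
<?php
// Added example, not from the original answers. Assumes PHP >= 7.0 so that
// random_bytes(), hash_equals() and the password_* functions all exist.
// --- crypt() route: the three steps the answer says you must write yourself ---
// 1. Salt generation. bcrypt wants 22 chars from ./0-9A-Za-z; draw them from the
//    CSPRNG (256 % 64 == 0, so the modulo introduces no bias), never from rand().
function manualBcryptSalt(int $cost = 12): string {
    $alphabet = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
    $salt = '';
    foreach (str_split(random_bytes(22)) as $byte) {
        $salt .= $alphabet[ord($byte) % 64];
    }
    return sprintf('$2y$%02d$%s', $cost, $salt);
}
function manualHash(string $password): string {
    $hash = crypt($password, manualBcryptSalt());
    if (strlen($hash) < 60) {          // crypt() reports failure as "*0" / "*1"
        throw new RuntimeException('crypt() failed');
    }
    return $hash;
}
// 2. Verification: feed the stored hash back in as the salt, then compare in
//    constant time. A plain == would leak timing and is subject to type juggling.
function manualVerify(string $password, string $stored): bool {
    return hash_equals($stored, crypt($password, $stored));
}
// 3. Re-hash decision: parse the cost out of the stored hash yourself.
function manualNeedsRehash(string $stored, int $wantedCost = 12): bool {
    return !preg_match('/^\$2y\$(\d{2})\$/', $stored, $m) || (int)$m[1] < $wantedCost;
}

// --- password_hash() route: the same three steps, done by the library ---------
function register(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]);
}
// Returns [verified, replacement hash or null]; persist the replacement if set.
function login(string $password, string $stored): array {
    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    $opts = ['cost' => 12];
    $new = password_needs_rehash($stored, PASSWORD_DEFAULT, $opts)
        ? password_hash($password, PASSWORD_DEFAULT, $opts) : null;
    return [true, $new];
}

$h = manualHash('correct horse');
var_dump(manualVerify('correct horse', $h), manualVerify('wrong', $h));
var_dump(manualNeedsRehash($h), login('correct horse', register('correct horse')));
```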

caskey

Reputation: 12695

It provides access to the crypt(3) function. This is a traditional function that pre-dates PHP by a few decades.

http://en.wikipedia.org/wiki/Crypt_(C)

It operates in several modes and would generally be used to interface with password data shared among other systems.

The password_hash function exists because properly using the bare crypt(3) function is fraught with peril.

Upvotes: 0