Hello, is md5 the best way to encrypt data?
how would I use it, like this?
$password = "mypassword";
$crypted_pass = md5($password);
or do I have to put something else along with $crypted_pass = md5($password);
No basicly not.
$password = "secret"; $crypted_pass = md5($password);
Note that md5 is one way encryption. So if you have to compare the password you have to compare the crypted passwords. You won't be able to decrypt them anymore.
What i have expirienced already are differences between oder tools that encrypt passwords with md5. seems that some tools do it another way compared to php and others.
Chris
Sorry.... it's 5 am and i'm tired and should go to bed....
md5 is one of the best way's to encrypt passwords because it is a one way encryption.
It is at least more secure then crypt.
DES is two way encryption. That means you can decrypt the password again with a specified key or signature. You can do that with the mcrypt library compiled in to php if you have to decrypt your passwords again. This is pretty secure aswell as long nobody gets your key.
md5 is pretty good I think, but not perfect. There are php scripts out there to break it like the one found here:
http://www.securiteam.com/tools/5XP0X0040G.html
The longer the password is, the harder it is to break. Maybe the best idea is to use a very simple custom encrypt/decrypt key of your own, to be applied before and after the md5. Maybe something as simple as increasing each character by one ascii value, and then decreasing again. That way, if the md5 values is ever discovered, the result will still be semi-cryptic. Maybe this is being a little paranoid though. All in all I think md5 is good.
