Is the php method md5() secure? Can it be used for passwords? [migrated]

Posted by awiebe on Pro Webmasters See other posts from Pro Webmasters or by awiebe
Published on 2012-04-11T00:02:26Z Indexed on 2012/04/11 5:44 UTC
Read the original article Hit count: 175

Filed under:
|
|

So executing a php script causes the form values to be sent to the server, and then they are processed.

If you want to store a password in your db than you want it to be a cryptographic hash(so your client side is secure, can you generate an md5 using php securely( without submitting the user:password pair in the clear), or is there an alternative standard method of doing this, without having the unecrypted pasword leaving the clients machine?

Sorry if this is a stupid question I'm kind of new at this.

I think this can be done somehow using https, and on that note if a site's login page does not use https, does that mean that while the databse storage is secure, the transportation is not?

© Pro Webmasters or respective owner

Related posts about php

Related posts about security