LearnPHP Password Hashing Tutorial

writes on January 5, 2011

In this 8-minute video tutorial on PHP Password Hashing, you’ll learn how to improve your authentication code by taking passwords out of cleartext.

This video is from Think Vitamin Membership, a high-quality video training site, curated by us at Carsonified and Think Vitamin, with hundreds of short videos on topics like …

10 new videos are added every week, so it’s a great way to stay up-to-date on all the latest technology and methods. Browse the entire library of videos.

5 Responses to “PHP Password Hashing Tutorial”

  1. Thanks, this is opening some new ideas for me.

  2. Tyfteeyf on January 6, 2011 at 11:47 am said:


  3. Michaelbuckbee on January 5, 2011 at 5:36 pm said:

    While using hashed passwords is certainly better than keeping them as plaintext fields, it is also significantly less secure than easily available alternatives such as using bcrypt.

    Mostly this is because if someone is able to steal your users table (and presumably the salts for the hashes as well), it is incredibly fast to compare the hashed values to precomputed hashes of passwords.

    The recent Gawker password leaks fell victim to a form of this style of attack.

    Bcryprt is sloowww, so if the worst happens and someone gets your user table they’ll die of natural causes before being able to compare the encrypted passwords to potential matches.

Leave a Reply

You must be logged in to post a comment.

Want to learn more about PHP?

Learn how to create dynamic websites using the back-end programming language, PHP.

Learn more