Hi! Here let's see how to secure passwords in php. Developers have a huge responsibility when handling sensitive user data, such as password. They must take necessary precautions to store the password and other sensitive information in a secure manner. Old-school methods use the md5 algorithm to hash passwords and store them in the database. This really is not safe and vulnerable to attack.
But thanks to the community, PHP 5.5 and higher comes with the password_hash function that generates one-way hash that is extremely secure to store passwords in the database. Below, we will see how to securely hash passwords, store them in the database and verify them against the user given password in php.
PHP - Secure Way to Store Passwords:
If you are a budding developer, these are some things to keep in mind when handling the password.
- Never store passwords as plain text. It's as good as not having a password at all.
- Never use MD5 or SHA1 for hashing. They are extremely fast and vulnerable to brute force attack. A powerful GPU could easily break the md5 hash.
- Never try to make your own password hashing. Someone could easily outrun your smartness putting the system vulnerable.
- Don't even associate password with encryption, as there is this chance to decrypt which is a big NO. Instead, you must use salted one-way hashing for the password.
So, what to use to protect passwords?
Use password_hash:
With PHP v5.5+, you are lucky to have the built-in password_hash() function, that uses BCRYPT algorithm to hash the password.
The good thing about BCRYPT is that it is very slow compared to md5 and sha1. This makes it computationally expensive to brute force. Plus, you can also change the algorithmic cost factor to make it tougher to break.
How to Hash Password?
To hash the password, pass the password string and the algorithm you want to use for the password_hash.
<?php $email = mysqli_real_escape_string($_POST['email']); $password = mysqli_real_escape_string($_POST['password']); $hash = password_hash($password, PASSWORD_BCRYPT); $sql = "insert into users (email, password_hash) values ($email, $hash)"; mysqli_query($con, $sql); ?>
The password_hash function will automatically generate a random salt that is cryptographically secure. Therefore, it is strongly recommended that you do not provide your own salt (though you can) for the function.
What should be the length of the Password field?
Be sure to use at least varchar(60) column to store the password hash, since BCRYPT returns 60 characters length string. But you can keep it to up to 255 characters long if you are considerate about future upgrade to accommodate a much stronger algorithm.
How to Verify User Password?
To verify the password, you must use the function password_verify() which will check the password given by the user against the hash created by password_hash. It returns true if the password and the hash match and false otherwise.
Here's the rough usage of the function,
<?php
$email = mysqli_real_escape_string($_POST['email']);
$password = mysqli_real_escape_string($_POST['password']);
$sql = "select * from users where email=$email";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result) > 0) {
$user = mysqli_fetch_assoc($result);
if(password_verify($password, $user['password']))
echo 'Valid password!';
else
echo 'Invalid password!';
}
?>
If you are using PHP 5.3.7+, use this https://github.com/ircmaxell/password_compat library that helps you to use password_* functions on older php servers.
Guess now you have a clear idea of storing passwords securely in the database with php. No matter how awesome your application, it would be nothing without the proper security measures. I hope you find this post useful. Please, share it on your social circle if you like it.
Nice post! Best practice
ReplyDelete