Possible Duplicate:
How to securely hash passwords?
What is the best encryption algorithm? MD5, SHA1, SHA2 or maybe something else? Can you explain me why?
Asked
Active
Viewed 789 times
-1
-
1Did you browse existing questions, notably those with tags `hash`, `passwords`, `password-management`? – curiousguy Jul 17 '12 at 06:14
-
3This is like the most-FAQ of this website. Please review [How to securely hash passwords?](http://security.stackexchange.com/questions/211/how-to-securely-hash-passwords) and [Password Hashing add salt + pepper or is salt enough?](http://security.stackexchange.com/q/3272/5133), and possibly [others **password** and **hash** related questions](http://security.stackexchange.com/questions/tagged/passwords+hash). – curiousguy Jul 17 '12 at 06:36
-
Sorry, I'm newbie on StackExchange. – egoholic Jul 17 '12 at 09:54
1 Answers
3
You shouldn't just use plain hashing algorithms anymore. It's not secure because it's become exceedingly easy to brute-force traditional hash algorithms that were designed for speed.
Instead use an adaptive hash algorithm like bcrypt. This is currently the standard secure way to store hashed information, including passwords. It contains implementations in most major programming languages, so it's often just as easy (if not easier) than implementing a hash strategy yourself.
Oleksi
- 4,809
- 2
- 19
- 26