How to secure password in PHP?

 
Bansari Gorasiya

In php, password security is the essential needs for the users. Password never store in plain text, but it store different incrypt text for the security. Secure password is make  our panel strong and prevents websites from being hacked.

md5() :

       The md5() function is used to calculate the md5 hash of a  string.

Syntax :

          

 

md5(input_string, raw_output)


password_hash:

         the password_hash function is that it will automatically generate a random salt that is cryptographically secure.

        password_hash()  function provides the facility to securely store the password  of  the user to the database.

Syntax :

 

password_hash($pass, PASSWORD_BCRYPT)

 


Example:

Connection.php

<?php

  $db_host = "localhost";

  $db_name = "demo";

  $db_pass = "";

  $db_user = "root";

 

  $con = mysqli_connect($db_host, $db_user,   $db_pass, $db_name);

 

  if (!$con){

    die ('Failed to connect with server');

  }    

?>


Form

<form action="pass.php" method="POST">

  <label for="username">Username</label>

  <input type="text" name="username" required><br><br>

 

  <label for="password">Password</label>

  <input type="password" name="password" required><br><br>

  <input type="submit" name="submit" value="submit">    

 </form>

 


Pass.php

<?php  

  //Include database connection file

  include 'connection.php';

 

  if (isset($_POST['submit'])){

    $username = $_POST['username']; 

            $pass = $_POST['password'];

    // Secure password using password_hash

    $password = password_hash($pass, PASSWORD_BCRYPT);

 

    $sql = "INSERT INTO Admin (username, password)

    VALUES('$username', '$password')";

    $result = mysqli_query($con, $sql);

            header("Location: secure_pass.php");

  }

?>

The second Parameter will contain PASSWORD_BCRYPT to make secure .


Output:




Comments

Preeti p.
    27-06-2020

     Very helpful article

Leave a Comment

Your email address will not be published.



#212, JV Square 2, Sanskar Nagar, Bhuj-370001, Gujarat
+(91) 97 26 134340
Mon-Fri 9:00am-6:00pm
talk@lpktechnosoft.com
24 X 7 online support