The main differences between MD5 and modern password hashing algorithms like Bcrypt (which is often used through Hash::make() in Laravel) lie in their security properties:
- MD5 (Message Digest Algorithm 5):
  - Algorithm: MD5 is a cryptographic hash function that produces a 128-bit (16-byte) hash value.
  - Speed: It is very fast and efficient in terms of computation.
  - Vulnerabilities:
    - Vulnerable to collision attacks: an attacker can construct two different inputs that produce the same hash value, making it unsuitable for secure applications.
    - Unsalted MD5 hashes are vulnerable to precomputed tables (rainbow tables), which can be used to quickly look up the original input of a hash.
  - Usage: Due to its vulnerabilities, MD5 is considered cryptographically broken and unsuitable for further use in secure applications like password hashing.

  Example:

      'password' => md5($request['password']),
- Bcrypt (used in Hash::make() in Laravel):
  - Algorithm: Bcrypt (Blowfish Cryptographic Hash Function) is a key derivation function designed for securely hashing passwords.
  - Speed: It is intentionally slow, which makes every password guess computationally expensive and time-consuming for attackers.
  - Adaptability: Bcrypt has a configurable cost factor, so the computational requirements can be increased as hardware becomes faster (Moore’s law).
  - Properties:
    - Produces a hash value that includes the algorithm, cost factor, salt, and hash.
    - The salt is unique to each password, which means that even if two users have the same password, their hash values will be different.
  - Security: It is currently considered one of the best practices for password hashing and is widely recommended for secure password storage.

  Example:

      'password' => Hash::make($request['password']),
In summary, MD5 is fast but insecure, while Bcrypt is intentionally slow and designed to be highly secure. When it comes to password storage, using a slow hash function like Bcrypt is crucial for security, as it makes it significantly harder for attackers to brute force or use precomputed tables to crack passwords.
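The bcrypt properties listed above (a hash string that carries algorithm, cost, salt and hash; a unique salt per password; a tunable cost) can be observed directly. The script below is an added example, not code from the original post: it assumes PHP 7.3+ on the command line and a constructed sample password, `parseBcrypt()` is a hypothetical helper name, and it relies on Laravel's bcrypt driver calling PHP's `password_hash()`, so `Hash::make()` output has the same format.

```php
<?php
// Added example (plain PHP CLI, no Laravel needed). Laravel's bcrypt driver calls
// password_hash(), so Hash::make() output has the format parsed here.

// Split a bcrypt string into the parts the article lists:
// $<algorithm>$<cost>$<22-char salt><31-char hash>
function parseBcrypt(string $hash): array
{
    $re = '/^\$(2[abxy])\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})$/';
    if (!preg_match($re, $hash, $m)) {
        throw new InvalidArgumentException('not a bcrypt hash');
    }
    return ['algorithm' => $m[1], 'cost' => (int) $m[2], 'salt' => $m[3], 'hash' => $m[4]];
}

$password = 'correct horse battery staple'; // constructed sample input

// MD5 has no salt: the same password always gives the same digest, so one
// precomputed table (or one leaked hash) covers every user with that password.
printf("md5 repeatable:     %s\n", var_export(md5($password) === md5($password), true));

// bcrypt draws a fresh random salt per call: same password, different strings.
$first  = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
$second = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
printf("bcrypt repeatable:  %s\n", var_export($first === $second, true));
foreach ([$first, $second] as $h) {
    $p = parseBcrypt($h);
    printf("  alg=%s cost=%d salt=%s hash=%s\n", $p['algorithm'], $p['cost'], $p['salt'], $p['hash']);
}

// Verification re-derives the hash from the salt and cost stored in the string
// (Laravel: Hash::check()).
printf("verify correct:     %s\n", var_export(password_verify($password, $first), true));
printf("verify wrong:       %s\n", var_export(password_verify('wrong guess', $first), true));

// Raising the cost later: stored hashes reveal their own cost, so they can be
// flagged and re-hashed at the next successful login (Laravel: Hash::needsRehash()).
printf("needs rehash at 12: %s\n", var_export(password_needs_rehash($first, PASSWORD_BCRYPT, ['cost' => 12]), true));

// Per-guess cost for an attacker: time one hash of each kind.
$t = hrtime(true);
md5($password);
$md5Ns = hrtime(true) - $t;
$t = hrtime(true);
password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
$bcryptNs = hrtime(true) - $t;
printf("md5: %.4f ms, bcrypt cost 12: %.1f ms\n", $md5Ns / 1e6, $bcryptNs / 1e6);
```

Timings vary by machine; pick the highest cost that keeps a single login hash within your latency budget.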