CSI: PHP

"Looking at your tweets I cannot even fathom what your job is. CSI:PHP?" — @grmpyprogrammer

Encrypt Passwords for Highest Level of Security

| Comments

Thanks to Justin Carmony for this awesome slice of fail.

1
2
3
4
5
6
7
8
9
10
11
12
<?php

class SecurityFail
{

    // Encrypt Passwords for Highest Level of Security.
    static public function encrypt($pword)
    {
        return md5($pword);
    }

}

There are right ways and wrong ways to encrypt and store passwords, and a simple md5() hash is one of the wrong ways. Here are some links you might research instead of rolling your own crypto.

Comments