Re: [PHP-DB] Insecure Hashes (was Re: Beginners Problem)

2008-01-22 Thread J. Hill
Well, if you're interested in some greater level of security where you can decrypt, you might want to check out Rijndael encryption (a type of AES). Shane Kretzmann wrote a good Rijndael PHP class that I think is still on phpclasses. It can be a bit difficult working with binary passwords, but

Re: [PHP-DB] Insecure Hashes (was Re: Beginners Problem)

2008-01-22 Thread Cristian Vrabie
It's true md5 is very old, but it is not completely obsolete. Used in combination with a random salt, it is still hard to decode. Maybe I won't use it as encryption for passwords any more, but I would use it for digital signatures or data integrity checks. [EMAIL PROTECTED] wrote: Whilst reviewing my pen

[PHP-DB] Insecure Hashes (was Re: Beginners Problem)

2008-01-22 Thread sublimino
Whilst reviewing my penetration testing I have noticed that both the md5 and sha1 hashing algorithms are now considered less secure than previously thought. Migration to sha256 is encouraged: http://www.owasp.org/index.php/Cryptography#Algorithm_Selection Then I found the comment below from: htt

Re: [PHP-DB] Re: Beginners Problem

2008-01-22 Thread Rene Brehmer
Andy, Thanks for your comment. What I posted is only part of my code though, as the entire thing is a bit long, and with all the includes rather hard to follow unless I posted the whole file set. Above the piece I posted I have code to do slashing, and some MD5 hashing, as well as enforcing strin