Difference between md5 password and Hash Passowrd Algorithm ?

The main differences between MD5 and modern password hashing algorithms like Bcrypt (which is often used through Hash::make() in Laravel) lie in their security properties:

  1. MD5 (Message Digest Algorithm 5):
    • Algorithm: MD5 is a cryptographic hash function that produces a 128-bit (16-byte) hash value.
    • Speed: It is very fast and efficient in terms of computation.
    • Vulnerabilities:
      • Vulnerable to collision attacks. This means that two different inputs can produce the same hash value, making it unsuitable for secure applications.
      • Vulnerable to precomputed tables (rainbow tables), which can be used to quickly look up the original input of a hash.
    • Usage: Due to its vulnerabilities, MD5 is considered cryptographically broken and unsuitable for further use in secure applications like password hashing.

Example: –

'password'=> md5($request['password']),
  1. Bcrypt (used in Hash::make() in Laravel):
    • Algorithm: Bcrypt (Blowfish Cryptographic Hash Function) is a key derivation function designed for securely hashing passwords.
    • Speed: It is intentionally slow, making it computationally expensive and time-consuming for attackers.
    • Adaptability: Bcrypt adapts to Moore’s law and increases the computational requirements as hardware becomes faster.
    • Properties:
      • Produces a hash value that includes the algorithm, cost factor, salt, and hash.
      • The salt is unique to each password, which means that even if two users have the same password, their hash values will be different.
    • Security: It is currently considered one of the best practices for password hashing and is widely recommended for secure password storage.

Example :-

'password'=>  Hash::make($request['password']),

In summary, MD5 is fast but insecure, while Bcrypt is intentionally slow and designed to be highly secure. When it comes to password storage, using a slow hash function like Bcrypt is crucial for security, as it makes it significantly harder for attackers to brute force or use precomputed tables to crack passwords.

Hi I am Amit Kumar Thakur Experienced as s Software Developer with a demonstrated history of working in the information technology and services industry. Skilled in HTML, CSS, Bootstrap4, PHP, Laravel-9 , REST API,FB API,Google API, Youtube Api, Bitbucket,Github,Linux and jQuery. Strong engineering professional focused in Computer/Information Technology Administration and Management. Currently my profile is to Software Developer, analyze the requirement, creating frame for web application, coding and maintenance.

Related Posts

How to print Multidimensional array using JavaScript ?

What is Multidimensional Array ? A multidimensional array is a data structure that can hold values organized in multiple dimensions or levels. In its simplest form, a…

How to remove @gmail.com from response data.

In this tutorial i’m going to learn how to remove @gmail.com from whatever coming in response data. One way to remove @gmail.com from response data is by…

How to Generate Sitemap in PHP ? Dynamic sitemap Generator in PHP

In this tutorial im going to learn how to generate Sitemap. In this tutorial im going to share how to generate dynamic sitemap using php. first create…

mysqli::real_connect(): (HY000/1130): Host ‘localhost’ is not allowed to connect to this MariaDB server

I’m using PhpMyAdmin on XAMPP server. However, after installing WordPress on localhost, it start showing following error. Solution:- Next restart your xampp then your problem has been…

Error: error:0308010C:digital envelope routines::unsupported

In this tutorial I’m going to share how to solve Error: error:0308010C:digital envelope routines::unsupported. Just copy below code and run your terminal. After run above all code…

API calls from the server require an appsecret_proof argument

In this tutorial im going to solve this issue API calls from the server require an appsecret_proof argument. 1st step go to developer facebook advance setting and…

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x