Difference between md5 password and Hash Passowrd Algorithm ?

The main differences between MD5 and modern password hashing algorithms like Bcrypt (which is often used through Hash::make() in Laravel) lie in their security properties:

  1. MD5 (Message Digest Algorithm 5):
    • Algorithm: MD5 is a cryptographic hash function that produces a 128-bit (16-byte) hash value.
    • Speed: It is very fast and efficient in terms of computation.
    • Vulnerabilities:
      • Vulnerable to collision attacks. This means that two different inputs can produce the same hash value, making it unsuitable for secure applications.
      • Vulnerable to precomputed tables (rainbow tables), which can be used to quickly look up the original input of a hash.
    • Usage: Due to its vulnerabilities, MD5 is considered cryptographically broken and unsuitable for further use in secure applications like password hashing.

Example: –

'password'=> md5($request['password']),
  1. Bcrypt (used in Hash::make() in Laravel):
    • Algorithm: Bcrypt (Blowfish Cryptographic Hash Function) is a key derivation function designed for securely hashing passwords.
    • Speed: It is intentionally slow, making it computationally expensive and time-consuming for attackers.
    • Adaptability: Bcrypt adapts to Moore’s law and increases the computational requirements as hardware becomes faster.
    • Properties:
      • Produces a hash value that includes the algorithm, cost factor, salt, and hash.
      • The salt is unique to each password, which means that even if two users have the same password, their hash values will be different.
    • Security: It is currently considered one of the best practices for password hashing and is widely recommended for secure password storage.

Example :-

'password'=>  Hash::make($request['password']),

In summary, MD5 is fast but insecure, while Bcrypt is intentionally slow and designed to be highly secure. When it comes to password storage, using a slow hash function like Bcrypt is crucial for security, as it makes it significantly harder for attackers to brute force or use precomputed tables to crack passwords.

Hi I am Amit Kumar Thakur Experienced as s Software Developer with a demonstrated history of working in the information technology and services industry. Skilled in HTML, CSS, Bootstrap4, PHP, Laravel-9 , REST API,FB API,Google API, Youtube Api, Bitbucket,Github,Linux and jQuery. Strong engineering professional focused in Computer/Information Technology Administration and Management. Currently my profile is to Software Developer, analyze the requirement, creating frame for web application, coding and maintenance.

Related Posts

How to Upload Big Database using Command in PhpMyAdmin ?

If you need to upload a large database to phpMyAdmin using a command-line interface, you can use the mysql command to import the database dump file directly…

Error: error:0308010C:digital envelope routines::unsupported

In this tutorial I’m going to share how to solve Error: error:0308010C:digital envelope routines::unsupported. Just copy below code and run your terminal. After run above all code…

API calls from the server require an appsecret_proof argument

In this tutorial im going to solve this issue API calls from the server require an appsecret_proof argument. 1st step go to developer facebook advance setting and…

Example of Inharitance in PHP ?

In this tutorial we’re going to learn how to use inharitance in php with example. Inheritance is a way to create a new class that is a…

How to print first 50 value and last 10 data in php

In this tutorial we’re going to share how to print first 50 value of data and the last value of data To print the first 50 values…

How to count Using substr_count function in PHP ?

In this tutorial we’re going to learn how to use substr_count function in php with example. 1step create below file And put below code Output:-

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x