Which of the following are NOT acceptable ways to create a secure password hash in PHP? (Choose 2)
A. password_hash()
B. crypt()
C. md5()
D. hash_pbkdf2()
E. openssl_digest()
Explanation:
One Comment on “Which of the following are NOT acceptable ways to create a secure password hash in PHP?”
ruslanbessays:
Tricky.
For those who wonder why openssl_digest() is NOT acceptable – it allows insecure hashing methods like MD5, MD4 and SHA without salt. The crypt() method is more secure since it will auto-generate salt.
Tricky.
For those who wonder why openssl_digest() is NOT acceptable – it allows insecure hashing methods like MD5, MD4 and SHA without salt. The crypt() method is more secure since it will auto-generate salt.
5
0