2018-11-29, 02:55 PM
Good evening!
I have two questions, but they relate to the same problem.
I encrypt passwords via md5 () and write them into a database:
How safe are these two examples in terms of the fact that, for example, different passwords do not have the same hash? How could a hacker outsmart this and take advantage of it?
About suggestions for improvement, I am very grateful![img=22x22]data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7[/img]
I have two questions, but they relate to the same problem.
I encrypt passwords via md5 () and write them into a database:
$password = md5 ( $password );
I save a cookie with logged-in users with a SessionID and I create it like this (will be checked beforehand if a user already has the same):$sessionID = md5 ( uniqid ( rand (), true ) );
How safe are these two examples in terms of the fact that, for example, different passwords do not have the same hash? How could a hacker outsmart this and take advantage of it?
About suggestions for improvement, I am very grateful![img=22x22]data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7[/img]