Jump directly to content

Hashing passwords

Sooner or later, most websites have to implement a login system of some kind. At this moment at latest, it is inevitable to think about how the passwords can be stored safely. Even big and well-known internet portals stumble over this challenge again and again, and the internet provides a lot of bad or outdated examples (this article was last updated in 2021).

I reworked a presentation of this topic to a tutorial. It is an attempt to present the necessary steps, so that everybody should be able to understand them, security comes from understanding after all. The tutorial allows a bit to play with SQL-injection, and then describes the usage of salt and pepper for hashing.

Tutorial: How to spoil the fish with salt and pepper happy fish

PHP developers can find example code, how passwords can be stored safely in PHP.

PHP code ➽ Implementation of BCrypt with PHP