Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
php_wiz_kid wrote:Devnetwork says our best bet is using the crypt() function.
I'm not sure how you can claim that you're not trying to speak for anybody when you clearly are. Others are justified in chiding you for this.
Regardless, this is a very poor suggestion.
Basically, because of recent discoveries regarding the MD5 algorithm, you're suggesting that everyone return to DES, an algorithm that was broken nearly a decade ago. You really think this is a good idea?
I know I'm very late on this, but I have a few questions.
You never mentioned what avenue you thought they were using to gain access. Why would you first look at your login?
If it is your login are you sure they are not using the old ' OR '' = ' s?
Is it possible that they are using injection somewhere else to actually read your database and it just so happened that these two accounts had very weak passwords? Is it possible that these two accounts passwords were just guessed?
Other than a monkey in the middle attack or an attacker using XSS on your users, the script looks solid.
I currently use the crypt() function set to MD5 without a salt. I am kind of confused at the moment because when I read the php.net entry for crypt() it says:
If the salt argument is not provided, one will be randomly generated by PHP each time you call this function.
So when I go: $hash = crypt("mypassword");
Is that the same as using md5 with a salt (if crypt was set to use MD5)? I don't want to get into a debate on how secure MD5 is but I would like to use a salt with it and it seems that if PHP is randomly generating one in crypt() then that would be more secure then me having a $salt variable that I defined lying around for someone to look at when they hack my site.