Which is a better encryption algorithm for user passwords? SHA1, SHA2, MD5, BCrypt, or something else? Typical web application.

3 Answers

akshayrb | 2 years, 12 months ago

Use RSA with SSL is also the best combination

You can leave an optional "tip" with Mahalo's virtual currency, Mahalo Dollars. If you are asking a difficult question that might require some research, or if you'd like a wide variety of feedback, a higher tip often leads to more answers to your question.

Report Abuse

ferhrosa | 2 years, 12 months ago

This depends if you want to decrypt these passwords later.
If you don't want to do that, use MD5 that is secure and simple.

But if you want to decrypt the passwords, use a two-way encryption. In this case, I prefer the Rijndael algorithm.

source(s):
http://ferhrosa.pfsistemas.com

Report Abuse

kamkam | 2 years, 12 months ago

SHA1,SHA2,MD5 are not encryption algorithms , instead they are hash algorithms.  You can use them  to check  the correctness of a password  ( some *nix  os  and  many web pages  use this method indeed ) but you can't  recover the password once hashed ( notice that many sites do not recover passwords , they simply reset them and lead users to a recreation procedure).
If this method is good for your pourpose I would suggest SHA2.
BCrypt is more a suite of encryption algorithms. And works quite well in many fields.
Talking about true encriyption , most famous ones are RSA , AES , DES and TWOFISH.

Report Abuse

Spam (off topic & commercial)
Inappropriate (profanity, hate speech, or other violations per Terms of Service)
Plagiarism (copy and paste text without proper citations)
Illegal (fraud, phishing, violence, threats, privacy invasion, harm to minors)

Details

add an image by: URL,
Search,
Upload

Selected images:

save images cancel

add a video by URL:

Selected videos:

save videos cancel

add an audio by URL:

Selected audio:

save audio cancel

About This Question

This question has been viewed 66 times.