27 | Hashing Using PHP for Beginners | 2023 | Learn PHP Full Course For Beginners
ฝัง
- เผยแพร่เมื่อ 5 ส.ค. 2024
- In this PHP tutorial I will teach you about hashing using PHP, in order to make your data more secure, and harder to gain access to. 🙂 We have two common ways to do hashing. One is to hash general data, and the other is when hashing passwords. I will show both in this tutorial here.
➤ LINKS
The code for the last example: • 22 | INSERT INTO Datab...
➤ TIMESTAMPS
00:00:00 - What is hashing?
00:02:51 - What is a salt?
00:03:18 - How to do general hashing
00:11:34 - How to hash passwords
00:19:01 - Password hash example!
➤ GET ACCESS TO MY LESSON MATERIAL HERE!
First of all, thank you for all the support you have given me!
I am really glad to have such an awesome community on my channel. It motivates me to continue creating and uploading content! So thank you!
I am now using Patreon and TH-cam Memberships to share improved and updated lesson material, and for a small fee you can access all the material either from my memberships or Patreon, depending on your preference. I have worked hard, and done my best to help you understand what I teach.
I hope you will find it helpful :)
Memberships: / @dani_krossing
Patreon: / mmtuts
A bit confusing in start but crystal clear in the end. Thanks for the amazing lecture.
I'm really glad you're talking about safety as well. Usually this gets skipped alot in tutorials.
In my last playlist from many years ago, I also skipped a lot of security. There can quickly become too much focus on the language itself, on not on all the “extra”. Which is too bad since the “extra” is equally important. 🙂 it’s also part of the reason I am recreating this course. 😊
me to
@@Dani_Krossing We r glad u did that.
Excellent Course! Greetings from Argentina
Thank you for providing quality content which is straight forward and easy to follow, love from South Africa
Thank you for this! Really helped me a lot!!!
Great video, I love the fact when I started programming I used your videos as a reference since they are so straightforward and to the point.
A VERY BIG MASSIVE ENORMOUS THANKSSSSSSS
ty
great one
super helpful thankyou
Hi, thanks for the video.
few things:
- hash is one way encryption algorithm, any kind custom hash like you show or buit-in should not use for data sensitive data like email, name, etc because you will need to show that info in the web pages. in other hand password you never show in web pages or any places, as such hash make sense and php, as you show, has buit-in function for that.
- for sensitive data such name, address, email, etc, where for example in Europe is required to be secure, you use an two encryption algorithm, because you need "decripted" show this info in web pages, i think for this is best use database for that instead of PHP, in case of switching of language.
- i didnt see video about signUp, however, instead of using "bindParam" methode, you can create an assoc array and put as param into "execute" method
Thank you
I can't wait for next videos pls upload next lessons
❤❤
Hi, from Madagascar
This course is really helpful, usually you gotta pay for this type of thing. I would like to ask tho will you cover topics for form validation, checking the email is valid and password strength etc?
I really like your videos, I would like to suggest , show us how to make Login with google :)
Your videos are so simple. I recently just finished a full basic course on PHP. But i didnt get the logic compared to the Nodejs i write. Because it didnt feel industry material. But watched few of your videos on sessions, my sql and i know i can no build an actual secure crud app with php.
Hey Dani great video!! Just to clarify one thing, the first parameter on function "password_verify" is unencrypted and the second encrypted. So I understand that the function encrypts the first parameter before comparing. ¿is it right?
#AllEyesOnIOKandRafah
Just to clarify, salts don't make passwords stronger as such. They're a method of making a deterministic process random; two identical inputs won't equal the same output.
Also, don't use === to compare hashes. You need a time sensitive comparison. Use hash equal.
Hi Dani, loving the videos! I feel so much more confident with php/rDBMS now!
Question regarding one of the last comments you made about using hashing to protect any sensitive data stored on the database: obviously passwords fit in this category, but would things like a person's address/phone number/date of birth also fall under this sensitive data that would need to be hashed due to the personal nature of the information? Or would this cause too much of a strain on the database/be a pain for the developers?
Thanks for the help and hope your 2024 treats you will :D
Passwords are important to hash every time. 🙂
Emails are usually not hashed, since we store them for a reason, so we can send mails to our users. But they should still be treated with care, since we don't want users to be able to see other users emails.
We do also use tokens to improve security, to verify the user is the actual user, who is making changes to their account/database column, and those tokens need to be hashed too.
And then we have information like credit cards, social security numbers, or other sensitive information that you wouldn't even share with other people IRL, and those need to be encrypted (not hashed) in most cases.
Hope this helped. 🙂
what is difference between hash and encryption?
@@Dani_Krossing
thank you Mr Dani What is te difference between PASSWORD_BYCRPT and PASSWORD_DEFAULT and which one should I use??
Like mentioned in the video, PASSWORD_DEFAULT uses PASSWORD_BCRYPT as its default atm. 🙂 The difference is that DEFAULT might change in the future, depending on what the creators of PHP think it should be, where as BCRYPT will give us more control.
lines 8 and 20 are the same?
Please are you going to do a login and signup system in the future videos
I was planning on the next video being a login and signup system, using everything we have learned up until now 🙂
Please tell me you will still be making videos about code! Idc which code it is. I feel like you are too good to give this up.
Ty 😊 I’m trying to find time
@@Dani_Krossing good to know you are staying busy! I’m a first year developer using PHP and Laravel at work. I’m self taught so I have a lot of gaps in my knowledge. But I just wanted to let you know your videos have been incredible for me since I came across you recently. Thank for all you have put out so far!
Dani what if I export the data in excel sheet will it still have the hashing.
Yes. Hashing isn’t supposed to be known by anyone, except the person who submitted the data.
So if for example you have a password field, then even you as the owner of the website, shouldn’t be allowed to just print out all your users passwords. This could lead to A LOT of trouble, since you would be sharing extremely sensitive information. Even if it “just printed out”. 🙂
Thank you soo much master 😊💯
Is not easier to use an captcha instead of increasing the complexity of password?
Captcha is a good addition, but you still need to keep passwords complex and secure.
somehow you look like Elon Musk
@hiamblax from Zambia
You really help me with your videos❤