MD5 is not encryption. It's a deterministic hash. Which means that every single person with the same password will have the same hash. The reason why this is a bad idea is that it's super simple to use a table to cross-reference the hash to the real password. The bigger issue is that password hashing is designed to be DELIBERATELY SLOW. This makes it very difficult to keep guessing passwords. Please do not encourage anyone to use MD5 and you really should leave a massive disclaimer on this video.
But if username is empty and password is !empty? Or reverse? What will doing your code in this case? But if will introduce in sql two users with same usernames and two passwords? I think your code is not complete…
thank you .. it is really helpful but for now I am searching about encryption using DES data encryption standard how this will be done using php? any help please
hello, i got the code working properly but i use email as the requirement for logging in so when i access the user page it displays the "welcome example@email.com", can i ask some tips on how can i change it to a name while still using email as the needed authorization? thanksss
For the love of cookies WHY would ANYONE today even use MD5? PLEASE demonstrate bycrypt or blowfish hashing instead. We NEED to get away from MD5 and anything in SHA. They are NOT good for password hashing at all.
pls bro how can i fix this.. my database table says admin admin for username and password. and when i try loging in with admin admin as the username and password it says error wrong password. here is d code below pls help $err=""; if(isset($_POST['reg'])){ $username=$_POST['name']; $password=$_POST['p1']; if(!$username || !$password){ $err="Please enter username / password"; } else { $pass=substr(sha1(md5($password)), 3, 10); $q=$conn->query("SELECT * FROM admin WHERE name='$username' AND pass='$pass'") or die(mysqli_error($conn)); if(mysqli_num_rows($q)>0){ $_SESSION['who']=$username; header("location:$domain/admin-p.php"); exit; } else { $err="Incorrect username/password"; } } }
Thanx man for solving md5 problem into login page now its found...🙂
So sweet. Times where md5() was still considered secure :)
MD5 is not encryption. It's a deterministic hash. Which means that every single person with the same password will have the same hash. The reason why this is a bad idea is that it's super simple to use a table to cross-reference the hash to the real password. The bigger issue is that password hashing is designed to be DELIBERATELY SLOW. This makes it very difficult to keep guessing passwords. Please do not encourage anyone to use MD5 and you really should leave a massive disclaimer on this video.
thank you so much for the lesson. very clear and understandable.
Thank you so much dude you fixed my problem please make more i love this tutorial
Thank you Webslession, very helpful tutorial
Hello I want to learn about how you can remove md5 in a website to see users password
But if username is empty and password is !empty? Or reverse? What will doing your code in this case? But if will introduce in sql two users with same usernames and two passwords?
I think your code is not complete…
is it possible to decrypt the md5 hashed passwords ??
no
@@badhankumardhar1146 its only search if another user has been entred same md5 hash before,
Yes and that's why it's not a password encryption algorithm and should NEVER be used for passwords.
if iam login occur a error "wrong user details" we are giving a correct details but they cannot login
I am also facing the same problem.
same here
how to fix that
Thanku sir..
thank you .. it is really helpful
but for now I am searching about encryption using DES data encryption standard
how this will be done using php?
any help please
Thank you sir
thank you
instead of use && (and),u must use || (or) for validation,because AND is when both field are empty...am i wrong? or :)
indeed
hello, i got the code working properly but i use email as the requirement for logging in so when i access the user page it displays the "welcome example@email.com", can i ask some tips on how can i change it to a name while still using email as the needed authorization? thanksss
i can help your
Would you have the mysqli version?
Hi, Can you tell us how it's done while members upload avatar from my computer?
i have this script , i'm
working with this
thanks)))
For the love of cookies WHY would ANYONE today even use MD5? PLEASE demonstrate bycrypt or blowfish hashing instead. We NEED to get away from MD5 and anything in SHA. They are NOT good for password hashing at all.
mine is bring wrong details even when they are correct
thanks a lot
it seems like the voice is computer generated (text to speech)
It shows error that action is not define
can you make a tutorial about multi user login
pls bro how can i fix this..
my database table says admin admin for username and password. and when i try loging in with admin admin as the username and password it says error wrong password. here is d code below pls help
$err="";
if(isset($_POST['reg'])){
$username=$_POST['name'];
$password=$_POST['p1'];
if(!$username || !$password){
$err="Please enter username / password";
}
else {
$pass=substr(sha1(md5($password)), 3, 10);
$q=$conn->query("SELECT * FROM admin WHERE name='$username' AND pass='$pass'") or die(mysqli_error($conn));
if(mysqli_num_rows($q)>0){
$_SESSION['who']=$username;
header("location:$domain/admin-p.php");
exit;
}
else {
$err="Incorrect username/password";
}
}
}
use sha1 md5 can b hacked
How do I put it in use?
cant stand the data voice