YouTube home Comedy Week on YouTube
Upload

Password Hashing in PHP

Anthony Ferrara Anthony Ferrara·16 videos
1,248
2,584
Like     Dislike 0

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like Anthony Ferrara's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike Anthony Ferrara's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add Anthony Ferrara's video to your playlist.

Published on Oct 8, 2012

An unconference talk that I gave at the PHP North West 2012 conference.

It explores the ways that password hashes are attacked, and how those attacks can be prevented. It also goes into some tools that are available to properly hash passwords for storage in PHP. We introduce the new Password Hashing API that will be available in PHP 5.5...

Slides: http://ircmaxell.github.com/password-...

References:
PHP 5.5 Password Hashing: https://wiki.php.net/rfc/password_hash
Password Compat: https://github.com/ircmaxell/password...
PasswordLib: https://github.com/ircmaxell/PHP-Pass...
PHPASS: http://www.openwall.com/phpass/

Tools:
John The Ripper: http://www.openwall.com/john/
HashCat: http://hashcat.net/

The interactive transcript could not be loaded.
Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

Uploader Comments (Anthony Ferrara)

  • Anthony Ferrara

    Anthony Ferrara 7 months ago

    FYI: the bcrypt crack that was shown in the demo finally finished. In a grand total of 15 days 9 hours 24 minutes. To crack what MD5 cracked in 15 seconds... :-D

    · 8

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Anthony Ferrara's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Anthony Ferrara's comment.

Top Comments

  • brandonb927

    brandonb927 7 months ago

    Awesome video! Going to be showing a portion of this in a presentation to some university students as an alumni

    · 2

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate brandonb927's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate brandonb927's comment.

All Comments (15)

Sign in now to post a comment!
  • Henry Rafeh

    Henry Rafeh 2 months ago

    wow i didnt understand shit so confusing nube to this

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Henry Rafeh's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Henry Rafeh's comment.
  • Aaron Fisher

    Aaron Fisher 2 months ago

    Why is this still a thing, just because you use a Mac or Windows or whatever you use does not change your ability.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Aaron Fisher's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Aaron Fisher's comment.
    in reply to gamer9774 (Show the comment)
  • Wesley Murch

    Wesley Murch 3 months ago

    I've always called it "PH Pass" (as in PASSword), but I there's something I like about about the way you say "PHP Ass".

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Wesley Murch's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Wesley Murch's comment.
  • gamer9774

    gamer9774 3 months ago

    mac user? * immediately clicks back button*

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate gamer9774's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate gamer9774's comment.
  • Kparris7

    Kparris7 4 months ago

    Thanks for the video man!

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Kparris7's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Kparris7's comment.
  • Thomas Maurstad Larsson

    Thomas Maurstad Larsson 6 months ago

    Awesome talk.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Thomas Maurstad Larsson's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Thomas Maurstad Larsson's comment.
  • Bruno Cassol

    Bruno Cassol 7 months ago

    Awesome! Thank you for sharing!

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Bruno Cassol's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Bruno Cassol's comment.
  • Loading comment...
Loading...
Advertisement
Loading...
Working...
Sign in to add this to Watch Later