Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 31 May 2005 05:29:09 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Subject: PHP password hashing framework

Hi,

We're making public a portable public domain password hashing framework
for use in PHP applications.  It is meant to work with PHP 3 and above,
and it has actually been tested with PHP 3.0.18, 4.3.x, and 5.0.x so far.
The homepage URL for this framework is:

	http://www.openwall.com/phpass/

The preferred (most secure) hashing method supported by phpass is the
OpenBSD-style bcrypt (known in PHP as CRYPT_BLOWFISH), with a fallback
to BSDI-style extended DES-based hashes (known in PHP as CRYPT_EXT_DES),
and a last resort fallback to an MD5-based variable iteration count
password hashing method implemented in phpass itself.

Included in the package are a PHP source file implementing the
PasswordHash PHP class, a tiny PHP application demonstrating the use
of the PasswordHash class, and a C re-implementation of the last
resort password hashing method (used for testing the correctness of
the primary implementation only).

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ