The new password_hash API in PHP 5.5 is nice and I'd like to start using it everywhere. Given an older project with an older database where passwords are stored in md5 hashes, what is the best way to go about migrating old user passwords to the new, more secure API?
Apart from simply prompting users to reset their password upon next login (this is impractical and annoying for users) I've thought about the possibility of using current md5 hash as the input to password_hash() for all my existing users. To verify passwords for these users (during login), I'd convert their input to an md5 hash and then use that to password_verify(). New users would be spared this extra step.
Is this a worthwhile way to go about this? Are there any better ways for transparent migration in which users are not nagged about password resets yet I can immediately enjoy the benefits of more secure hashing?
Most importantly, is there even a security benefit in taking existing md5 hashes (which are prone to brute force) and using the password_hash() API to "double-hash" it?
In your login.php
(?) you convert the old passwords from MD5 to bcrypt and replace the old MD5 hash in the database with the new one.
Pseudo code:
$password = $_POST["password"];
if (substr($pwInDatabase, 0, 1) == "$")
{
// Password already converted, verify using password_verify
}
else
{
// User still using the old MD5, update it!
if (md5($password) == $pwInDatabase)
{
$db->storePw(password_hash($password));
}
}
Double hashing would not increase the security of bcrypt, as bcrypt itsef is a one-way hashing function.
Nota: MD5 produces a 32 character length string, while password_hash()
is a minimum of 60.
Read the manual:
If and when you do decide to use password_hash()
or the compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/, it is important to note that if your present password column's length is anything lower than 60, it will need to be changed to that (or higher). The manual suggests a length of 255.
You will need to ALTER your column's length and start over with a new hash in order for it to take effect. Otherwise, MySQL will fail silently.
Since it is one way encryption, unless you want the users passwords on your login page, which is not secure, you can have the users reenter their passwords. The other option is to reencrypt all of the database records with password_hash()
on top of their md5()
hashed passwords and store those values to the database, then on your login PHP page put the password_hash()
around your md5()
, somewhat like:
password_hash(md5($_POST['password']));
Using the second way you don't have to have the user reset their passwords.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With