Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there any way to use bcrypt "hashing" in PHP 5.2?

I'm running a website with password hashing, but I think the current algorithm is insufficient. I tried to use PHP's crypt() with the blowfish option, but my PHP version is only 5.2 so CRYPT_BLOWFISH is not enabled.

I've seen 3rd party libraries that can encrypt via Blowfish, but none that do the full Bcrypt hashing. Is there any PHP library you know of that has bcrypt hashing without use of the crypt() function? Or, even better, any method of feeding a 3rd party blowfish encryption algorithm into a 3rd party bcrypt hashing algorithm?

Just to clarify, I am not able to install a newer version of PHP, as I'm on shared hosting.

I would really appreciate any suggestions! Thanks!

like image 422
user887068 Avatar asked Aug 10 '11 03:08

user887068


1 Answers

If you can install the Suhosin extension, bcrypt will work with Blowfish. (You don't need to recompile PHP, the extension is enough.)

On Ubuntu, you install it like this:

sudo apt-get install php5-suhosin
like image 159
Christian Davén Avatar answered Sep 18 '22 13:09

Christian Davén