I read on PHP.net that MD5 is useless, and they suggest using crypt + salt.
So, I went to their function description and read
<?php
$password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
echo "Password verified!";
}
?>
or in my case something like :
$stored_password=fetch_password($user);
if (crypt($_REQUEST['password'],$stored_password)===$stored_password) {
// ok
}
So, when I see that the salt is stored in the hashed password and that you use that hashed password as salt, I think Crypt + Salt is not more secure against a brute force on output (hackers who managed to steal hashed passwords). Is it more secure?
Against a dictionary attack, I can understand its power, but for a brute force attack on hashed passwords, I don’t see the advantage.
Crypt with hash is simply more expensive than MD5. An attacker would need more compute time, thence this is more secure.
For a password and MD5, an attacker could use precomputed tables for MD5 PLUS have the advantage of MD5 to be very fast.
For a password and salted crypt, precomputed tables would be useless, PLUS crypt needs more horsepowers than MD5
There are specially-crafted algoritms (google bcrypt), that have an intentionally high compute cost to take this even further.