Using md5 on a string always produces an alpha-numeric encrypted result, ie: no symbols.

However, when I using the php crypt() function, specifically the CRYPT_MD5 (and it is on, I’ve checked) with a salt, the supposed md5 hash it returns does not look like an md5 hash.

For example:

if I md5 the string ‘password’, I get:

$pass = md5('password');
echo $pass;
//5f4dcc3b5aa765d61d8327deb882cf99

if I use CRYPT_MD5, which is denoted by the ‘$1$’ prefix and the ‘$’ suffix with the salt being ‘salt’:

$pass = crypt('password', '$1$salt$');
echo $pass;
//$1$salt$qJH7.N4xYta3aEG/dfqo/0

Now, the algorithm and salt used are shown as expected, ‘$1$’ shows that the CRYPT_MD5 was used and the salt is shown to be ‘salt’ as between the $ signs.

However.. the hashed password after that last $ sign does not look like an md5… it has slashes and full-stops in it.

Why does it hash it this way? Is this not a real md5?

Please ask if you need me to clarify any of this. Ugh.