In my website I use md5
to crypt password user in my database (and store session user)
$pswUser = md5($_POST["password"]);
But I have just been told that this way of encrypting has become obsolete
I did some research to find out how to do it but most of the posts dates from two or three years ago So what is the best way to encrypt password in 2017 ?
Thank you
Isn't duplicate discussion ... Secure hash and salt for PHP passwords => 2009 ...
The password hash function in combination with password verify
https://secure.php.net/manual/en/function.password-hash.php https://secure.php.net/manual/en/function.password-verify.php