Hacking with PHP has been updated for PHP 7 - click here! >>

Alternative data hashing

string md5 ( string source [, bool raw_output])

Although the sha1() function is recommended for hashing data securely, another popular algorithm is MD5, where the "MD" for Message Digest. The md5() function produces a data hash in exactly the same way as sha1(), with the difference is that it is only 32-bytes long. Because sha1() is longer, it is less likely to have a "collision" - a situation where two different strings share the same hash.

Using md5() is the same as using sha1():

    $md5hash = md5("My string");
    print $md5hash;

Note if you are thinking having fewer bits in MD5 makes it less secure, you are correct - but only just. An MD5 hash is 32 bytes long, which is equal to 128 bits. That is, an MD5 hash can be made up of 3.4028236692093846346337460743177e+38 different possibilities, more commonly referred to as 2 to the power of 128. This an enormous number of varieties, and so is quite secure for most purposes.


If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!

Next chapter: Automatically escaping strings >>

Previous chapter: Making a secure data hash

Jump to:


Home: Table of Contents

Copyright ©2015 Paul Hudson. Follow me: @twostraws.