Fixing Insecure Cryptographic Storage in PHP

Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage“. The series contains examples on how to implementing secure cryptography in various programming languages.

As seen below using the following code we can encrypt sensitive values such as passwords in PHP

    $salt = sha1(getRandomSalt());
    $password = sha1($salt,'user_password');
    // Insert into database