Part of the answer might be what the underlying functional requirement is. You could base64_encode() the hash, I suppose. But that includes "/" and "+" characters, as well as 0 to 2 "=" padding characters at the end.
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
Thank you very much. base64_encode() is the function I really need. I will use it to hash passwords. Of course, for security, the $data parameter will be the md5() hash output for the password.
I'd like to know an extra information. Why it was named as base64? What is the number 64 dedicated for? Does every value of its output unique? In other word, what's the probability for two different input strings to give similar output encoding string?
Just as base 16 (hexadecimal) has 16 digits: 0-9A-F, base64 has 64 digits: 0-9a-zA-Z/+. Note however that base64_encode() is NOT a hash, and is easily reversed (see base64_decode()), so it isn't really adding any significant security to your password hashing. The fact that other hashing algorithms output hex strings doesn't make them "weaker" than one that outputs base64 strings. If security is the driving force behind this question, I would recommend looking into using the hash function with the sha256 or sha512 algorithm (if available). And don't forget the salt.
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
Reply With Quote
Bookmarks