Insecure Crypto Algo

Please report bugs and any annoyances here. Kindly include all possible details: steps to reproduce, expected result, actual result, screenshots, ... etc.
Post Reply
nisar
Posts: 13
Joined: 2022-07-11 18:19

Insecure Crypto Algo

Post by nisar » 2022-10-17 06:32

It is observed that insecure Crypto Algo md5 is found which is not suitable for secure crypto algorithm. Please let us know about to change the Crypto Algorithm.
Attachments
Insecure Crypto Algo.jpeg
Insecure Crypto Algo.jpeg (61.33 KiB) Viewed 581 times

User avatar
jsetzer
AppGini Super Hero
AppGini Super Hero
Posts: 1807
Joined: 2018-07-06 06:03
Location: Kiel, Germany
Contact:

Re: Insecure Crypto Algo

Post by jsetzer » 2022-10-17 09:37

Hi,

just for your information:
PHP's password_hash()function does not return md5 but BCRYPT (CRYPT_BLOWFISH).

(1) You were probably confused by the fact that the encrypted value is stored in a database field named "passMd5". The name of the database field is irrelevant.

(2) The id-attribute of a DOM element in HTML is not security-relevant, I think.

Possibly duplicate of
viewtopic.php?f=11&t=4919
Kind regards,
<js />

My AppGini Blog:
https://appgini.bizzworxx.de/blog

You can help us helping you:
Please always put code fragments inside [code]...[/code] blocks for better readability

AppGini 24.10 Revision 1579 + all AppGini Helper tools

Post Reply