The crypt function is phrased as: crypt ( input_string, salt)
In this case input_string is the string you would like to encrypt (your password for example,) and salt is an optional parameter that influences how the encryption will work. PHP by default uses a two character DES salt string. If your system standard is MD5, a 12-character salt string is used.
The following are the four types of salt that work with all crypt () functions.
CRYPT_STD_DES – Standard DES-based encryption with a two character salt
CRYPT_EXT_DES – Extended DES-based encryption with a nine character salt
CRYPT_MD5 – MD5 encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH – Blowfish encryption with a sixteen character salt starting with $2$ or $2a$
Now let’s see what actually happens when we use crypt ()
<?php
$password = crypt(‘mypassword‘);
print $password . “ is the encrypted version of mypassword”;
?>
This will output the encrypted version of ‘mypassword’ for you to see. Now let’s try it using different types of salt.
<?php
$password = crypt(‘mypassword’ , ‘d4′);
print $password . ” is the CRYPT_STD_DES version of mypassword<br>”;
$password = crypt(‘mypassword’ , ‘k783d.y1g’);
print $password . ” is the CRYPT_EXT_DES version of mypassword<br>”;
$password = crypt(‘mypassword’ , ‘$1$d4juhy6d$’);
print $password . ” is the CRYPT_MD5 version of mypassword<br>”;
$password = crypt(‘mypassword’ , ‘$2a$07$kiuhgfslerd………..$’);
print $password . ” is the CRYPT_BLOWFISH version of mypassword<br>”;
?>
This will output something like this:
d4/qPbCcJ5tD. is the CRYPT_STD_DES version of mypassword
k7xEagYCDPPSc is the CRYPT_EXT_DES version of mypassword
$1$d4juhy6d$a.jIPYnvne1FWF2V6mGQR0 is the CRYPT_MD5 version of mypassword
$2a$07$kiuhgfslerd………..6k0kSI76CqJ/RWGnSp9MWRDF91gJZfW is the CRYPT_BLOWFISH version of mypassword
As long as you always use the same salt the encrypted password should always be the same, making it a good solution for password storage.