In your login.php (?) you convert the old passwords from MD5 to bcrypt and replace the old MD5 hash in the database with the new one.
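Pseudo code:

    $password = $_POST["password"];
    $loginOk = false;

    if (substr($pwInDatabase, 0, 1) === "$")
    {
        // Password already converted, verify using password_verify
        $loginOk = password_verify($password, $pwInDatabase);
    }
    else
    {
        // User still using the old MD5, update it!
        // Strict comparison, so PHP does not type-juggle "0e..." strings
        if (md5($password) === $pwInDatabase)
        {
            // password_hash() requires the algorithm as its second argument
            $db->storePw(password_hash($password, PASSWORD_DEFAULT));
            $loginOk = true;
        }
    }
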
Double hashing would not increase the security of bcrypt, as bcrypt itself is a one-way hashing function.

Note: MD5 produces a 32-character string, while password_hash() is a minimum of 60.
Read the manual:
If and when you do decide to use password_hash() or the compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/, it is important to note that if your present password column's length is anything lower than 60, it will need to be changed to that (or higher). The manual suggests a length of 255.
You will need to ALTER your column's length and start over with a new hash in order for it to take effect. Otherwise, MySQL will fail silently.
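
The two points above combined, as an added example that is not code from the original answers: a stored value cut to 32 characters by a too-short column no longer verifies, so login code should tell it apart from a legacy MD5 hash instead of treating it as a wrong password. The function names and sample values are constructed for illustration, and PHP 7.1 or later is assumed.

```php
<?php
// Added example; function names and sample values are constructed.

// Tell an intact password_hash() value, a legacy MD5 hex digest and a
// damaged value (for instance one cut short by a 32-character column) apart.
function classifyStoredHash(string $stored): string
{
    if (password_get_info($stored)['algoName'] !== 'unknown') {
        return 'modern';
    }
    if ($stored !== '' && $stored[0] === '$') {
        return 'damaged';   // looks like a crypt-style hash but is not valid
    }
    if (preg_match('/\A[0-9a-f]{32}\z/', $stored) === 1) {
        return 'legacy-md5';
    }
    return 'invalid';
}

// Returns [login ok?, new hash to store or null].
function verifyAndUpgrade(string $password, string $stored): array
{
    switch (classifyStoredHash($stored)) {
        case 'modern':
            $ok = password_verify($password, $stored);
            $rehash = $ok && password_needs_rehash($stored, PASSWORD_DEFAULT);
            return [$ok, $rehash ? password_hash($password, PASSWORD_DEFAULT) : null];
        case 'legacy-md5':
            $ok = hash_equals($stored, md5($password));
            return [$ok, $ok ? password_hash($password, PASSWORD_DEFAULT) : null];
        default:
            return [false, null];   // damaged or invalid: require a password reset
    }
}

// Constructed demonstration values.
$full = password_hash('correct horse', PASSWORD_DEFAULT);
$cut  = substr($full, 0, 32);   // assumption: the column kept only 32 characters
$md5  = md5('correct horse');

foreach (['full' => $full, 'cut' => $cut, 'md5' => $md5] as $label => $stored) {
    [$ok, $newHash] = verifyAndUpgrade('correct horse', $stored);
    printf("%-4s %-10s ok=%s upgrade=%s\n", $label, classifyStoredHash($stored),
        var_export($ok, true), $newHash === null ? 'no' : 'yes');
}
```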