Thanks for the info guys :DI've been searching and reading for the last 2 days about PHP password Cryptographic hashing.The most common and secure functions I came across were sha256/512 , bcrypt , HMAC , PBKDF2(Password-Based Key Derivation Function) and PHPass.From what I've been reading speed is an enemy (http://codahale.com/how-to-safely-store-a-password/)So I've been looking for the "slowest" secure hashing algorithm which I found is bcrypt and PHPass (http://www.openwall.com/phpass/).Now I can't make up my mind which one to use. :confused:What do you guys think? Which one should I go with and why?Just to make sure:1. bcrypt = crypt_blowfish right ?2. bcrypt and PHPass are both hash + salt functions ? I mean I don't have to add salt, they already have the salt function built-in.Thanks in advance!