Common hashing functions are unsuitable for passwords
According to PHP team, common hashing functions such as
sha1() are unsuitable for passwords. Why? They’re to fast and by this, not so secure and open to brute-force decrypt. No matter, what you think about this, we must admit, that
md5() function is listed among “Text Functions” in PHP’s docs, so it doesn’t even touch “Encryption” or “Security” parts in documentation.
Mcrypt seems to be good alternative to those. And
mcrypt-module-open function contains good example on both crypting and decrypting with mcrypt. See mentioned article for more details and other alternatives.