Possible to convert MD5 to SHA256?

php mysql database md5 sha256

23,348

Hashing algorithms are one-way i.e. They cannot be reversed unlike Encryption-Decryption algorithms.

MD5() is a hashing algorithm , so is SHA-1 / SHA-256;

It is good to know that you have stopped using MD5() and moving to SHA-256()

Solution to your problem.

First run a query in your users table like this

UPDATE users_t SET PASSWORD=SHA2(PASSWORD,256) WHERE 1=1

Now all your MD5 Hashed passwords will be converted to SHA256 Hashes.

However, you cannot stop using MD5 on your login/register pages.. You have to change your checking logic like

$pass = $_POST['password'];
$hashedpass = hash('sha256',md5($pass)); // Now you need to insert/verify

23,348

Updated on July 09, 2022

Ariana almost 2 years

I have a vBulletin Database with double MD5'd passwords and a salt, would it be possible to take the Password in the vBulletin database, convert them to SHA256, and then store them in a new database? Is there any real easy way to do this?

My main and only reason, is to prevent users from having to create new accounts, and to stop using MD5.
- Admin over 10 years
  
  Encryption like MD5 SHA256 etc can not be reversed the only thing you can do now is to ask your user to change their passwords or you reset passwords of all your users and email them..
- Mark over 10 years
  
  Create a new password column in your database where you will store the new hashes. Once a user logs in, use the raw password he/she provided to hash it using sha256. Sooner or later, most of the active users' passwords will be hashed with sha256.
showdev almost 5 years

I'm not aware of those MySQL and PHP functions. You might consider MySQL's SHA2() function and PHP's hash() or password_hash().
Jon Strayer about 3 years

You just did a sha256 of the md5 of the password. That's not much more secure than the md5 was.