This question already has an answer here:

Question author Frobak | Source



From OP's comment:

i was just purely asking to save forcing all users to ti change their passwords if their password was below a certain character limit – frobak

The answer to this then is to use strlen():

As for MD5, don't use it it's totally unsafe. A lot of water has gone under the bridge in over 30 years.

Use password_hash():

As for decrypting a hash; it can't be done/reversed; that's why it's called a hash and not encrypted.

There are what's called "Rainbow tables":

But I'll have to force all users to change their passwords by the looks of it

Consult the following: Converting md5 password hashes to PHP 5.5 password_hash()

That way you can "hit two posts with one stone".

However, MD5 is 32-length. You will need to increase that to 60+ in order to have the proper length when using password_hash() and as Jay Blanchard stated in his comment, otherwise that may fail "silently" later on when using password_verify().

Answer author Fred-ii

Ask about this question here!