On Tue, 22 Apr 2008 16:12:06 +0000, Paul Cowan <[EMAIL PROTECTED]> wrote:
>Hi,The SSL has nothing to do with the password encryption. We just need to make sure the communication is running over HTTPS.Can I use a salt with SHA-512? Sure, a salt is just extra bytes added to the creation of the hash. This could be a constant value, or (better) a contextual value. In the case of a login, this contextual value could be some piece of user information (other than password). This means that if two users had the same password, the stored hash would be extremely likely not be the same. See http://www.obviex.com/samples/hash.aspx for an example of one way of hashing with salts. =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
