On 4/18/06, Giff Hammar <[EMAIL PROTECTED]> wrote:
> For an example, look at how UNIX/Linux stores regular login passwords. In
> short, the salt is the first two characters in the password. When comparing
> passwords, you take the salt and the user supplied password, encrypt, then
> compare the two
you need the key to be easily available, so row id or a set date field(one
that does not change as opposed to a timestamp type field)
bastien
From: "Sean Mumford" <[EMAIL PROTECTED]>
To:
Subject: [PHP-DB] MD5, MySQL, and salts
Date: Mon, 17 Apr 2006 15:33:58 -0400
Hi Guys
Sent: Monday, April 17,
2006 4:36 PM
To: Sean Mumford
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB] MD5, MySQL, and salts
On 4/18/06, Sean Mumford <[EMAIL PROTECTED]> wrote:
Hi Guys,
I'm working on securing user passwords in a MySQL 4 database with a
PHP5 frontend. I remember being
atches the original. AFAIK, that is the only way to verify
passwords encrypted with a one-way algorithm.
Giff
-Original Message-
From: chris smith [mailto:[EMAIL PROTECTED]
Sent: Monday, April 17, 2006 4:36 PM
To: Sean Mumford
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB] MD5, MySQL, and
password matches the original. AFAIK, that is the only way to verify
passwords encrypted with a one-way algorithm.
Giff
-Original Message-
From: chris smith [mailto:[EMAIL PROTECTED]
Sent: Monday, April 17, 2006 4:36 PM
To: Sean Mumford
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB] MD5
On 4/18/06, Sean Mumford <[EMAIL PROTECTED]> wrote:
> Hi Guys,
> I'm working on securing user passwords in a MySQL 4 database with a PHP5
> frontend. I remember being told in one of my classes (I'm currently a
> college junior) that the best way would be to hash a salt and the password
> together a
Hi Guys,
I'm working on securing user passwords in a MySQL 4 database with a PHP5
frontend. I remember being told in one of my classes (I'm currently a
college junior) that the best way would be to hash a salt and the password
together and then store the hash in the database instead of the plain MD