I use this one as it has some bug fixes. https://github.com/timkurvers/as3-crypto
You should be able to pass AES between the 2. I do it with PHP. You may have to play with padding and the IV between the Languages. Thank You, Stephen C -All of my email addresses go to the same place -Save Paper, think before you print -PGP Public Key<https://docs.google.com/file/d/0B0JeFeQj5XjkZC0talFuRExyc0E/edit?usp=sharing> On Thu, Oct 31, 2013 at 7:53 AM, Kessler CTR Mark J < [email protected]> wrote: > Very good point, store the randomly generated salt in a user record next > to their salted hashed password. Definitely adds more time to resolving > passwords when they have to try hashing with salts. Makes static lookup > tables(like rainbow) much harder to use. > > -Mark > > -----Original Message----- > From: Justin Mclean [mailto:[email protected]] > > Hi, > > > it would be better if you did a one way hash on the client and stored > hashed value in a database > +1 and another +1 if you salt that hash. > > However using a modern GPU it's possible to check about 100 MD5 million > hashes a second so it's becoming less and less secure. > > Justin >
