As part of the web-based user login I've been working on, I want to
create salted, hashed passwords.
The problem is that because each page request starts a new console
session, the random seed is often the same (7^5), and each registering
user gets the same "salt"
NB.*createSalt v generates salt as 4-byte integer
NB. e.g. createSalt ''
createSalt=: ([: _2&(3!:4) a. {~ [: ? 256 $~ ])&4
createSalt''
2094548590
>From my reading of the dictionary and past forum threads, I'm thinking
that what I need to do is "randomly" set the random seed before creating
the salt. For the case of the default RNG used by J, it seems that the
seed could be either an integer or a list of integers. My question is
what is a good way of coming up with that list of integers.
A couple of forum posts mention using the system time as a source of the
seed.
<.6!:0'' NB. Is this OK?
(10#:1000*{:ts)|.<.ts=:(6!:0)'' NB. Better?
Are there other better solutions?
----------------------------------------------------------------------
For information about J forums see http://www.jsoftware.com/forums.htm
