Here is an article that does a rather good job of describing the basics of salting and hashing passwords. Obviously not 4D centric, but the process itself is well explained.
https://crackstation.net/hashing-security.htm <https://crackstation.net/hashing-security.htm> Hope this helps! ~ Bart Alcorn > On Feb 7, 2018, at 6:15 AM, Norbert Pfaff <[email protected]> wrote: > > Hi, > > one of our customers has had a security check, which included also our > web-app. > > They write our passwords are not encrypted in the database, so that if > aggressor has access to the preferences of a user, he can see the password in > the html-code. > > They say we should save the password as a one-way hash. (Argon2) > > > What would you do? > > Norbert Pfaff > Hammelstalstr. 52 > 67098 Bad Dürkheim > > Fon: 06322 9108028 > Skype: npfaff > eMail: [email protected] > > > > _______________________________________________ > Active4D-dev mailing list > [email protected] > http://list.aparajitaworld.com/listinfo/active4d-dev > Archives: http://active4d-nabble.aparajitaworld.com/ _______________________________________________ Active4D-dev mailing list [email protected] http://list.aparajitaworld.com/listinfo/active4d-dev Archives: http://active4d-nabble.aparajitaworld.com/
