Ah, here we go sorry for the spam, it seems I was correct. under Authentication it does state "By default the hash type set in Security class will be used." Sorry if this caused any confusion, I was doubting myself: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#hashing-passwords
On 9 January 2015 at 11:09, Stephen S <[email protected]> wrote: > In hindsight I may be wrong on that last comment, I think the salt is > actually for Security::hash rather than the Auth component, something I've > never thought about before, apologies. > > > On 9 January 2015 at 11:07, Stephen S <[email protected]> wrote: > >> Hey >> >> If you check out the comments above these configuration values it should >> explain what they are for. >> >> When you use CakePHP's "Auth" component in your application, by default >> it will use the Security.salt value when it is hashing passwords and the >> like, it's a bad idea to keep this at the default value though you can >> introduce your own hashing methods if you desire. >> >> Likewise the cipherSeed is used for encryption and decryption rather than >> hashing. >> >> Some resources that might be helpful: >> >> What is Salt? >> http://stackoverflow.com/questions/5584620/what-is-salt-and-how-do-i-use-it >> Auth Documentation: >> http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html >> Security Documentation: >> http://book.cakephp.org/2.0/en/core-utility-libraries/security.html >> >> Cheers >> >> On 7 January 2015 at 19:19, Cake.newbie <[email protected]> >> wrote: >> >>> Hi everyone, >>> >>> >>> I just started using CakePHP today :) and i really didn't find an answer >>> for my questions. >>> What *Security.salt* and *Security.cipherSeed* are ? >>> Where/when/for what Security.salt and Security.cipherSeed are used ? >>> >>> Thanks. >>> >>> -- >>> Like Us on FaceBook https://www.facebook.com/CakePHP >>> Find us on Twitter http://twitter.com/CakePHP >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CakePHP" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at http://groups.google.com/group/cake-php. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Kind Regards >> Stephen Speakman >> > > > > -- > Kind Regards > Stephen Speakman > -- Kind Regards Stephen Speakman -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/d/optout.
