RE: Storing passwords in database as one way hash -The Solution

Neil Clark Wed, 18 Oct 2000 01:42:10 -0700

Okay, hash-ing the password seems to be an overkill - why not simply
generate a random key which you can use with encrypt(form.password, key)
this value can then be placed in the db along with the key...  when it comes
to it, simply decrypt the form.password with the given key and you're away.
If they don't match - see ya, if they do - cool. ;-)

People 'peeking' in your DB should never be a problem if it is set up
correctly with security et al.....

Neil

<! -----------------------------------
Neil Clark
Senior Web Applications Engineer
mcb digital
Tel. +44 (0)20 8941 3232
Tel. +44 (0)20 8408 8131 [Direct]
http://www.mcbdigital.com
----------------------------------->



------------------------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Storing passwords in database as one way hash -The Solution

Reply via email to