Hi, When user signs up and is added to the "users" database, a field called "salt" will store a random 5 character string.
When verifying the credentials, the password will consist of MD5($salt.$password). So if user enters username and password - the code will fetch the salt from the database for that user and than compare the password with the salt and password combo. Has anyone done this in Zend Framework yet? -- View this message in context: http://www.nabble.com/adding-%22salt%22-to-logging-in-and-password-security-tp16646218p16646218.html Sent from the Zend Framework mailing list archive at Nabble.com.
