Maybe I am missing something, but doesn't storing the salt in plain texas in the same row as the user in question defeat a main purpose of a salt in data integrity / security if compromised? The only thing you are achieving with your salt by storing it in such a way is making the hash value harder to decider over sniffing which is a small (imo) feature of salting passwords.
On Sat, Apr 12, 2008 at 4:32 PM, Joó Ádám <[EMAIL PROTECTED]> wrote: > Also: what's that $blowfish variable? There have to be the name of the > field wich contains the salt hash for each record. > > > Ádám >
