On 4/17/08, Eric Marden <[EMAIL PROTECTED]> wrote: > P.S. - I'm not considering storing the salt in the DB as being properly > secured. That's kind of like keeping the key to your house under the > door mat. You can get in, if you know where to look.
The UNIX passwd database and LDAP userPassword attribute store the salt in plain sight with the password hash. -- Michael B Allen PHP Active Directory SPNEGO SSO http://www.ioplex.com/
