Arvind Kanaka Raju writes: > > Doubts : When we create a new user, we use the crypt function with > salt,random,pepper etc to create a encrypted password but the output > string(encrypted password) is Given out as a different string everytime > we run the crpyting script.
That's because you're using random salt -- if you use the same salt, you get the same output string. The output string starts with the salt that was used to create it, so to check an existing password, use the existing (encrypted) password as the salt to encrypt what the user enters and then compare the output with the existing password. -- Larry Jones I won't eat any cereal that doesn't turn the milk purple. -- Calvin
