Hi All,
I'm looking at methods of hash salting in relationship to registration and
login user functionality.
I've looked at three methods for storing the salt.
1. Add another field to the user table for storing the salt (in plain text)
that was generated randomly upon registration. (or use another peice of user
info, like registration date)
2. Hardcode a global salt value
3. Both
Anyone care to discuss which, if any, is the prefered method? Is the extra
query work for the database method a big issue for large user bases?
Cheers
Aaron Cooper
--~--~---------~--~----~------------~-------~--~----~
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[EMAIL PROTECTED]
-~----------~----~----~----~------~----~------~--~---
