Hi, > Correst me if I'm wrong... but assuming that your salt string is hard coded > into the program, with a MD5 a password + salt is no more secure then a > simple password?
Well if you store the hash by itself, if an attacker gets hold of your hashes they could be brute forced. However with the addition of a salt it would be largely pointless since you need both pieces (?) of information (password plus salt) to generate the hash. -- Richard Heyes HTML5 Graphing for FF, Chrome, Opera and Safari: http://www.rgraph.org (Updated December 20th) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
