On Tue, 8 Jan 2002, Mike Eheler wrote:
> Is there any way to force PHP 4.1's crypt to generate crypt's with
> 2-letter salts? We've written some apps that do things the hack way --
> if (crypt($pass,substr($pass,0,2)) == $cryptpass) -- and changing all of
> them to work the extended way is a real pain the arse. That includes
> changing all our password generation code to create 2-letter salts.
> Any help much appreciated.
> In short -- I want crypt() to work like it did in 4.0.6.
This is exactly the reason you should use a specific standard hash
algorithm like MD5 or SHA-1 when encrypting passwords. The PHP crypt()
call uses the system call crypt(), which might vary between different
Look at the PHP man pages for crypt() and the mcrypt package for more info
on the subject. With mcrypt you can use whatever crypto function you need
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]