On 12/11/2012 3:38 PM, Ed Leafe wrote:
On Dec 11, 2012, at 2:06 PM, Stephen Russell <[email protected]> wrote:
Does this separate table have one humongous column that is a hash of PW,
UserIdentity, maybe site salt?
The column is the hash of password + user-specific salt.
You should read the postings of security experts, and follow their
recommendations. I always find it amazing that so many developers think that
they can do as good or better than the people who do this full-time.
"user-specific salt" --> is that the same as those "secret questions"
that I fill out on some websites? Are those answers my "salt" ?
--
Mike Babcock, MCP
MB Software Solutions, LLC
President, Chief Software Architect
http://mbsoftwaresolutions.com
http://fabmate.com
http://twitter.com/mbabcock16
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox
OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message:
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
