On 4/18/06, Giff Hammar [EMAIL PROTECTED] wrote:
For an example, look at how UNIX/Linux stores regular login passwords. In
short, the salt is the first two characters in the password. When comparing
passwords, you take the salt and the user supplied password, encrypt, then
compare the two
Hi Guys,
I'm working on securing user passwords in a MySQL 4 database with a PHP5
frontend. I remember being told in one of my classes (I'm currently a
college junior) that the best way would be to hash a salt and the password
together and then store the hash in the database instead of the plain
On 4/18/06, Sean Mumford [EMAIL PROTECTED] wrote:
Hi Guys,
I'm working on securing user passwords in a MySQL 4 database with a PHP5
frontend. I remember being told in one of my classes (I'm currently a
college junior) that the best way would be to hash a salt and the password
together and
password matches the original. AFAIK, that is the only way to verify
passwords encrypted with a one-way algorithm.
Giff
-Original Message-
From: chris smith [mailto:[EMAIL PROTECTED]
Sent: Monday, April 17, 2006 4:36 PM
To: Sean Mumford
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB] MD5
the original. AFAIK, that is the only way to verify
passwords encrypted with a one-way algorithm.
Giff
-Original Message-
From: chris smith [mailto:[EMAIL PROTECTED]
Sent: Monday, April 17, 2006 4:36 PM
To: Sean Mumford
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB] MD5, MySQL, and salts
On 4
,
2006 4:36 PM
To: Sean Mumford
Cc: php-db@lists.php.net
Subject: Re: [PHP-DB] MD5, MySQL, and salts
On 4/18/06, Sean Mumford [EMAIL PROTECTED] wrote:
Hi Guys,
I'm working on securing user passwords in a MySQL 4 database with a
PHP5 frontend. I remember being told in one of my classes (I'm
you need the key to be easily available, so row id or a set date field(one
that does not change as opposed to a timestamp type field)
bastien
From: Sean Mumford [EMAIL PROTECTED]
To: php-db@lists.php.net
Subject: [PHP-DB] MD5, MySQL, and salts
Date: Mon, 17 Apr 2006 15:33:58 -0400
Hi Guys
