Thanks for the password/info, however I have one further (possibly bumb) question, is
there a
commonly employed method of securing one's database to prevent hacker's peering in and
viewing
plain-text/hashed passwords?
I use MySQL 3.22.32 with php4.0.3
Cheers.
Russ
On Thu, 13 Sep 2001
A common way to identify a client is to use the challange-response
algorithm. It works like this:
Ps is the password stored on the server
Pc is the password entered by the client
H is a hash-function (md5 for example)
V is a 'random' value
Server calculates H(V + Ps) and save this in a session
