Wade Preston Shearer wrote: > I have recently written a users class that will manage user accounts for > our various web applications and would like some feedback on how I was > generating, storing, and validating user passwords. > > http://rafb.net/p/jW0XR647.html
Looks pretty good. I'd probably ditch the substr. But the db space you save is probably worth more than the ever so slight reduction in security. Thinking about it though. The salt only offers additional protection once someone gets a copy of the database. You have worse things to worry about if that happens. Orson _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
