I don't see how it could be randomly generated else how would you be able to use it for authenticating etc but then I'm not a security expert. I use a long character string known only to me and stored outside my web directory. Maybe other ppl do differently I don't know.
----- Original Message ----- From: "Pablo Oliva" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, September 29, 2002 7:52 PM Subject: [PHP] hash function secret > I was reading the sept. issue of linux magazine and they discussed > security issues with web apps. > > They mentioned that to generate signatures, you should include a secret > with your hash function: > s = S(m) = H(secret, H(m, secret)) > > What is the secret, just a sort of secret code that you include, like > some sort of random password: " gr8ckret46eme " as an example ??? > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
