On 23 Mar 2003 Justin French wrote:
> That's in the user notes... ignor it... md5() does not have to be salted...
> infact, you WANT the md5() to be static... because you will compare the
> md5()'d password in the database with the md5()'d password that they submit
> on a form.
Exactly. On this
You can use a static salt from within your application though.
Jason
Justin French wrote:
on 23/03/03 2:02 AM, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
On 23 Mar 2003 Justin French wrote:
I just md5() the passwords, and reset them if needed... rather than
retrieving. The advantage for me
on 23/03/03 2:02 AM, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
> On 23 Mar 2003 Justin French wrote:
>
>> I just md5() the passwords, and reset them if needed... rather than
>> retrieving. The advantage for me on this is that it's portable... md5() is
>> part of the base PHP install, whereas
On Sat, 22 Mar 2003 09:31:14 -0500, you wrote:
>First off, there are multiple encryption methods out there -- PHP
>crypt() and the mcrypt functions, and MySQL encrypt(), for encryption;
>and the md5 etc. functions for hashing. Is there any information on
>best practices here, particularly in u
On 23 Mar 2003 Justin French wrote:
> I just md5() the passwords, and reset them if needed... rather than
> retrieving. The advantage for me on this is that it's portable... md5() is
> part of the base PHP install, whereas the mcrypt stuff isn't (or wasn't).
Something like that was my inclinatio
I just md5() the passwords, and reset them if needed... rather than
retrieving. The advantage for me on this is that it's portable... md5() is
part of the base PHP install, whereas the mcrypt stuff isn't (or wasn't).
Justin
on 23/03/03 1:31 AM, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
> I
6 matches
Mail list logo
