I want to implement a salt into my login system but am a bit confused on how this is supposed to work. I can't understand the logic behind it. I understand md5 is a one-way algorithm and all of the f
I was just going through one of DavidHayden's articles on Hashing User Passwords. Really I can't get what he is trying to achieve.
I have a need to specify a custom salt when encoding passwords with acegi 0.5.2 plugin for grails. I have found a tutorial that shows how to use a ReflectionSaltSource using a parameter of the user (
I was wondering - are there any disadvantages in using the hash of something as a salt of itself? E.g. hashAlgorithm(data + hashAlgorithm(data))
How strong do salts need to be? At the moment I use this function to generate a "unique" salt upon user registration:
What are the advantages / disadvantages of those 3 methods to create a salt? $salt = md5($password); $salt = sha1(md5($password));
Is there any benefit in salting passwords for a strong, unique (not used for other applications by the user) password?
I've spent the past 2 hours reading up on salting passwords, making sure that I understood the idea. I was hoping some of you could share your knowledge on my conclusions.
My understanding is that a salt is not intended to be secret, it is merely intended to be different from any centralized standard so that you can't develop a rainbow table or similar attack to break