I\'m preparing to put a project publicly on github. In my project, for login authentication, I take a string and strongly type it as a Password:
I know there are tons of blogs, articles, and questions on SO about salting passwords, but one thing I haven\'t been able to find an answer to is this:
Is it possible to add a salt to passwords in .hpasswd files? I assume not since the server would need the开发者_开发百科 salt for each user in order to verify the password and I can\'t think of how it
I\'m using salt to encrypt my users\' passwords. I\'m using PHP, and here\'s a quick sample of what happens during a users registers.
Here\'s the function I\'m using to generate random salts: function generateRandomString($nbLetters){ $randString=\"\";
So, I\'m cool with using a per-user salt to hash my users\' passwords. However, there\'s one piece of advice in the accepted answer:
I am learnin开发者_运维知识库g Rails, at the moment, but the answer doesn\'t have to be Rails specific.
I\'ve been using PHP\'s crypt() as a way to store and verify passwords in my database. I use hashing for other things, but crypt() for passwords. The documentation isn\'t that good and there seems to
Salt (Syn Cole Remix) Ava Max 专辑:Salt (The Remixes) 语种: 英语 流派:Pop 唱片公司:华纳唱片
Is it a bad idea to use an email address as t开发者_如何转开发he salt for a password?EDIT: Let me refer you to this answer on Security StackExchange which explains a lot of details about password hash
加载中,请稍侯......