Hi how to secure my password in my "registration form" using salt and hash technique? And how the technique of salt and hash works?
+2
A:
A quick tutorial on how to salt passwords using codeigniter can be found on http://www.haughin.com/2008/02/17/handling-passwords-in-codeigniter/
If you want to know more about password hashes and salting of passwords there is pretty neat post on coding horror.
Tim
2010-05-03 10:57:52
+2
A:
Look at the documentation for the PHP crypt function.
Code snippet from there:
// let the salt be automatically generated
$password = crypt('mypassword');
if (crypt($user_input, $password) == $password)
{
echo "Password verified!";
}
Using SHA-1 with a fixed salt like in the other article is not really the best implementation. Variable salts are the way to go.
Unfortunately, it depends on your PHP installation what the default algorithm is, so you will want to check if it's something that's still considered reasonably secure.
Thorarin
2010-05-03 11:10:01