Hi,
After knowing that hashing a password is my choice for making a login form. Now I am facing another issue - sha1, sha256 or sha512?
This is a standard method using salt I think I got it from a reference book of mine,
# create a salt using the current timestamp
$salt = time();
# encrypt the password and salt with SHA1
$usr_password = sha1($usr_password.$salt);
but then after I have done some research on sha1, it was told it may not be so secure in the future, suggesting using hash().
But I don't quite understand using hash() - for instance -
$usr_password = hash('sha256', $usr_password);
what is that 'sha256' or 'sha512' which I found it here?
http://hungred.com/useful-information/php-better-hashing-password/
can I put anything instead, like '@123'?
why is it called salt anyway - $salt = time(); is nothing else but just a unix timestamp isn't it?
thanks!