hackalive Posted June 27, 2012 Share Posted June 27, 2012 Hi guys, Im looking at how I can individually salt passwords as part of a login system. Does anyone know a tutorial or can tell me how to do this? Thanks Link to comment https://forums.phpfreaks.com/topic/264867-individually-salt-passwords/ Share on other sites More sharing options...
jcanker Posted June 27, 2012 Share Posted June 27, 2012 Jason Lengsdorf' Apress book, Pro PHP and jQuery has a whole section on this matter that's outstanding. http://www.apress.com/9781430228479/ Link to comment https://forums.phpfreaks.com/topic/264867-individually-salt-passwords/#findComment-1357386 Share on other sites More sharing options...
hackalive Posted June 27, 2012 Author Share Posted June 27, 2012 Jason Lengsdorf' Apress book, Pro PHP and jQuery has a whole section on this matter that's outstanding. http://www.apress.com/9781430228479/ Does it cover individually salted passwords? Link to comment https://forums.phpfreaks.com/topic/264867-individually-salt-passwords/#findComment-1357390 Share on other sites More sharing options...
scootstah Posted June 27, 2012 Share Posted June 27, 2012 Create a random string when the user signs up to use as a salt. Link to comment https://forums.phpfreaks.com/topic/264867-individually-salt-passwords/#findComment-1357428 Share on other sites More sharing options...
xyph Posted June 27, 2012 Share Posted June 27, 2012 If it's for production, use PHPass! There's an article on implementing it properly in my signature, along with other good security practises. Link to comment https://forums.phpfreaks.com/topic/264867-individually-salt-passwords/#findComment-1357443 Share on other sites More sharing options...
hackalive Posted July 2, 2012 Author Share Posted July 2, 2012 Yes it is for production. I will definitely take a careful look at it Thanks so much. Link to comment https://forums.phpfreaks.com/topic/264867-individually-salt-passwords/#findComment-1358505 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.