maxudaskin Posted August 23, 2008 Share Posted August 23, 2008 I was wondering if a static salt such as h4GFX9* is as secure as a dynamic salt such as (if this was for a login script) the MD5 hash of the username. Is it any more secure to have a dynamic salt and/or a static salt? Link to comment https://forums.phpfreaks.com/topic/120960-solved-salt/ Share on other sites More sharing options...
JasonLewis Posted August 23, 2008 Share Posted August 23, 2008 I thought the purpose of a salt was to be static. You could use a dynamic salt like the convert the date the user registered to a timestamp. They both would have the same security though, IMO. Link to comment https://forums.phpfreaks.com/topic/120960-solved-salt/#findComment-623588 Share on other sites More sharing options...
cooldude832 Posted August 23, 2008 Share Posted August 23, 2008 what sort of data are you worrying about or just in general which is better? Link to comment https://forums.phpfreaks.com/topic/120960-solved-salt/#findComment-623593 Share on other sites More sharing options...
redarrow Posted August 23, 2008 Share Posted August 23, 2008 How to properly salt the password. This actually is very simple. <?php $pass=$_POST['pass']; $salt='i_always_take_a_sentence_or_two_and_add_some_numbers_8342394'; $salted_md5=md5($pass); ?> redarrow Link to comment https://forums.phpfreaks.com/topic/120960-solved-salt/#findComment-623595 Share on other sites More sharing options...
JasonLewis Posted August 23, 2008 Share Posted August 23, 2008 redarrow you didn't salt the password. $salted_md5=md5($salt.$pass); Link to comment https://forums.phpfreaks.com/topic/120960-solved-salt/#findComment-623598 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.