Jump to content

Salt Generator, Security!


Recommended Posts

I want to make my user's passwords more secure, than just a one way encryption. My plan is to make a salt generator, then add it to the password, and encrypt it. Then add the salt to the database, so when the user types in their password, I can check the password with the random salt generated from the script which is in the DB.


My question is; is this secure enough?


Here is how I want to generate salt.


have the script generate a letter from a-r, and a number from 1-10. Then add them so for example: a6, then I want to add 6 to the a, so I get g, and then add 10 to the generated number. So over all I get something like this a6g16.


Would that help?


-Thanks Guys!

Link to comment
Share on other sites

You do know that like 99.99% of account/website cracks are not done by decrypting things (like someone's password), right? And that 0.01% really only exists because of people foolish enough to use very outdated methods or nothing at all. You should focus more on controlling/sanitizing input and making sure the script's logical flow is solid.

Link to comment
Share on other sites

Even if you were able to make your method work, if you don't have a secure database uncrackable passwords mean nothing... I would listen to what Violent has to say.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.