xtremey_ytinasni Posted January 12, 2012 Share Posted January 12, 2012 I am currently testing a small hash idea, for say database encryption for passwords. Basically what I want to know is if this is a good or not the best method for encryption... <?php $us_password = 'drowssap'; // User-Submitted Password; $salt = '))!&8d*34d763!(('; //The salt $dbs_password = '3750221c513902ff76f4ec7ffed5fa4385d2599d'; // Sha1 hash for "drowssap"+Salt; if($us_password == sha1($us_password.$salt)){ //Some other code for success here } else { //Failure code here } ?> So basically, this is an abstract example of what I'm doing... Is it any good, or what could be improved? I've also used DB-Stored salts unique to each user, so even if someone used rainbow tables ( even after failure on my part for letting them get the hash... ), and multiple users had the same password, they would only crack one, rather than all of them, since the hashes would be different due to the different salts. Quote Link to comment https://forums.phpfreaks.com/topic/254853-hashingsalt-question/ Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.