How do big companies like VB store passwords?
View Single Post
04-26-2008, 07:28 PM
Join Date: Feb 2008
For my projects I use a combination of 2 salts (1 Static, 1 Dynamic). When a user registers to my website the backend will generate a random salt key for each user. Even if 2 different users register to my website with the same password, the resulting hash will be different.
So if the database was ever hacked or stolen, they would be missing the static salt key, thus it would prove to be impossible for them to bruteforce any of the passwords.
However I'll touch wood, just incase.
View Public Profile
Send a private message to Mathew
Find More Posts by Mathew