10-20-2008, 11:17 AM
|
#3 (permalink)
|
|
The Addict
Join Date: Nov 2007
Location: USA
Posts: 256
Thanks: 7
|
A good thing for storing passwords is to encrypt them and to use a salt with that like you said. An example would be
Quote:
$salt = "Some short string here";
$password = md5( $salt . sha1($password));
|
So then when you create the account you would use this on the password before inserting it to the db, as well as when that user logs in. This way their password is always encrypted, providing more security. |
|
|
|