Whats wrong with storing your salt in DB?
View Single Post
11-17-2007, 03:30 AM
Join Date: Nov 2007
WildHoney took the words right out of my mouth. The point of salts is to provide a secure encryption key, and it is always best to make it dynamic. I remember on one site a while back, I stored the salt with the password in the DB. I used an md5 function to generate a random key based upon the current time (md5(time)) and than uploaded that to its own column. Although that was a couple of years ago and there are course better methods of encryption now. :)
View Public Profile
Send a private message to DarkPrince11
Find More Posts by DarkPrince11