Using a salt value

Discussion in 'Programming' started by AimyThomas, Oct 8, 2012.

0
  1. #1
    Hi,

    I've been reading up on using a salt value when creating a password to make it more secure, what I can't get my head round is how do you remember this salt value?

    I'm guessing that when a user logs in to be able to compare the password entered with the one in the database you would need to again add the salt value to the entered password.

    Am I missing something really obvious?

    Thanks in Advance
     
    AimyThomas, Oct 8, 2012 IP
  2. it career

    it career Notable Member

    Messages:
    3,562
    Likes Received:
    155
    Best Answers:
    0
    Trophy Points:
    270
    #2
    Store the salt in some private folder.
     
    it career, Oct 9, 2012 IP
  3. RogueCZzzz

    RogueCZzzz Greenhorn

    Messages:
    9
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    13
    #3
    Hi,

    create function like this :

    
public function calculateHash($password){
	return md5($password . str_repeat('YOUR-SALT-HERE', 10));
}
    Code (markup):
    save result to db and when someone wants to login use :

    
...
if ($row->password !== $this->calculateHash($password)) {
	echo "Bad password";
}
...
    Code (markup):
     
    RogueCZzzz, Oct 14, 2012 IP
  4. indiajobvacancy

    indiajobvacancy Banned

    Messages:
    341
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Great! I have using same generator.. the more complicated you create, the more secure your session login!
     
    indiajobvacancy, Oct 14, 2012 IP
  5. garnet2k

    garnet2k Member

    Messages:
    32
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    41
    #5
    nice one.....
     
    garnet2k, Oct 22, 2012 IP