[UPHPU] storing passwords
Dave Smith
dave at thesmithfam.org
Tue Apr 29 16:33:31 MDT 2008
Scott Hill wrote:
> I pity the poor sucker who tries to hack your passwords! I use sha1 now
> instead of md5 for passwords. It means a bigger password column in the
> database but for some reason it make me feel more sure. Maybe I'm just
> insecure myself.
>
Wade,
It looks like much of your code was borrowed or inspired from this:
http://phpsec.org/articles/2005/password-hashing.html
To respond to Scott,
I now use SHA-1 as well. MySQL has a nice built-in SHA-1 function too.
--Dave
More information about the UPHPU
mailing list