News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Joshua Thijssen's Blog:
Password hashing and salting
February 03, 2011 @ 12:16:31

Joshua Thijssen has a new post to his blog looking at password hashing and salting - something that, really, should always be done to help protect your site's user information.

Even though it is true in effect that using a salt increases the overall security of your hashes BUT it's not only because your passwords are longer. There is a another (maybe even more important) factor that comes into play, namely the fact they are more secure against rainbow table attacks, but that depends on HOW you season your hashes. Season it incorrectly, and you gain nothing in security even though you think you did...

He gets into some of the details about hashing your information, how you can break that hash easily and how salting your information can help reduce that risk. He also points out things like rainbow tables and brute force that could still break these salted passwords.He recommends using a different method than a single salt - a different one for each user with a part stored in plain-text along with the user record.

0 comments voice your opinion now!
hashing salting password tutorial rainbowtable bruteforce


blog comments powered by Disqus

Similar Posts

Max Horvath's Blog: How to enable the Xdebug debugger in Zend Studio for Eclipse

PHPBuilder.com: PHP and Adobe Air: Building a Time-tracking and Billing Application - Part II

Matthew Leverton\'s Blog: How to add a custom CAPTCHA to phpBB2

IBM developerWorks: Setting up your own on-demand video site with PHP, Part 1

php|architect: Geolocation: Easier Than It Looks


Community Events





Don't see your event here?
Let us know!


code framework interview application project developer release introduction list configure api bugfix threedevsandamaybe laravel series wordpress community library language podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework