PHP password hash with salt
It is more secure to stora a password hashed with added static (or even dynamic salt). To achieve static salt in password just append a string when calculating a hash. Example below shows dynamic salt, most secure:
function getHash( $pass , $login ) { $salt = substr( md5( $login ) , 0 , 10 ); return hash( 'sha256' , $pass . 'ThEStAtIcSaLe' . $salt ); }
Remeber to use same function when checking user credentials.It will be also more secure to use slower hashing/crypting function
Comments
Post a Comment