C
Chandez
Guest
I am relatively new to php programing i can create,update,drop and query databases tables and rows, use if statements and loops variables and all that so im not to new.
but when it comes to encryption i know nothing about it. I had a look on google but most forums spent there time arguing over the different methods to make any Sense so a detailed answer would be great.
also i will need to be able to re set these passwords if a user forgets it and i know decrypting the password is no option due to security issues so if any one has any idea's around options available that would be great (mabey asking for the users usern ame and email and send a re-valadation code/link to there email. idk )
any help is appreciated
Ok i have looked up the md5 function (if thats its propper lable) and adding a salt to the password. So if i understand when storing the password will the following be correct and secure?:
(just for e.g)
$password = $_REQUEST['password'];
$salt = "12345678"
$hash = $password . $slat;
$hash = m5($hash);
// store hash
Ok idk if thats right? If it is then i have a few more questions that ill need awnserd. first what makes a good salt lenght and is the salt alph-numeric only or hexideicmal?
also if that code is right / secure (using a propper sald) would haveing 2 salts make it more secure i.e:
$password = $_REQUEST['password'];
$salt1 = "12345678";
$salt2 = "98765432";
$hash = $salt1 . $password . $slat;
$hash = m5($hash);
// store hash
but when it comes to encryption i know nothing about it. I had a look on google but most forums spent there time arguing over the different methods to make any Sense so a detailed answer would be great.
also i will need to be able to re set these passwords if a user forgets it and i know decrypting the password is no option due to security issues so if any one has any idea's around options available that would be great (mabey asking for the users usern ame and email and send a re-valadation code/link to there email. idk )
any help is appreciated
Ok i have looked up the md5 function (if thats its propper lable) and adding a salt to the password. So if i understand when storing the password will the following be correct and secure?:
(just for e.g)
$password = $_REQUEST['password'];
$salt = "12345678"
$hash = $password . $slat;
$hash = m5($hash);
// store hash
Ok idk if thats right? If it is then i have a few more questions that ill need awnserd. first what makes a good salt lenght and is the salt alph-numeric only or hexideicmal?
also if that code is right / secure (using a propper sald) would haveing 2 salts make it more secure i.e:
$password = $_REQUEST['password'];
$salt1 = "12345678";
$salt2 = "98765432";
$hash = $salt1 . $password . $slat;
$hash = m5($hash);
// store hash