Results 1 to 5 of 5
  1. #1
    Grandma broke her coccyx! Uncle Rico's Avatar
    Join Date
    May 8th, 2007
    Location
    North Carolina
    Posts
    2,238
    Password Hashes
    I assume it's a good idea to store user password as a hash using md5 or shal? If you have a site that allows users to register, do you store the password as a hash? If so, do you prefer md5 or shal?

    Thanks!

  2. #2
    Affiliate Manager cbsturg's Avatar
    Join Date
    January 24th, 2007
    Location
    Lima OH
    Posts
    753
    Yes, I store the password as a hash. I feel it helps people feel a bit more secure if I can say that the password is encrypted and got not be retrieved by anyone, not even me. Never mind I can set it to anything I want, and usually have full access to all their other personal information as well, they usually feel good about their password...

    I prefer storing in SHA1 with a random salt assigned to each user. SHA1 is considered more secure than MD5, and while neither is considered unhackable random salts make things much more secure.
    Chris Sturgill
    "All my life I've had one dream, to achieve my many goals." - H. Simpson

  3. #3
    Newbie
    Join Date
    November 13th, 2008
    Posts
    28
    checkout the "PHP portable hashing framework"... run that through google, it's great for hashing sensitive info.

  4. #4
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    I prefer storing in SHA1 with a random salt assigned to each user. SHA1 is considered more secure than MD5, and while neither is considered unhackable random salts make things much more secure.
    Ditto here.


  5. #5
    Full Member
    Join Date
    January 18th, 2005
    Posts
    88
    Interesting article on the Hash Algorithm Dilemma
    http://www.forensicmag.com/Article_Print.asp?pid=238

    The SHA-1 algorithm has been compromised on a theoretical level and attempts proving the theoretical compromise have not yet been successful.

  6. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. CJ Password
    By Robbins in forum Commission Junction - CJ
    Replies: 11
    Last Post: March 3rd, 2006, 12:37 PM
  2. New Password
    By rem in forum PartnerWeekly
    Replies: 0
    Last Post: April 9th, 2005, 08:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •