Register Log In

Forums Developers Do not use $hash with passwords

Print Thread

Do not use $hash with passwords #86089 09/06/04 02:52 PM
Joined: Sep 2003 Posts: 38 North America O Olathe OP Ameglian cow
OP Olathe Ameglian cow O Joined: Sep 2003 Posts: 38 North America	If you want to store passwords as hashes, use $md5 instead of $hash. If you store a password as a hash with $hash(password, 32), anyone can produce the same result with a one to five character, very-easy-to-calculate replacement. $md5 makes it much more difficult to calculate a replacement.

Re: Do not use $hash with passwords #86090 10/06/04 10:48 PM
Joined: Oct 2003 Posts: 101 root66 Vogon poet
root66 Vogon poet Joined: Oct 2003 Posts: 101	All this and more in the next issue of DUH! Magazine Edit: ...and this is not a bug.

Re: Do not use $hash with passwords #86091 10/06/04 11:25 PM
Joined: Jul 2003 Posts: 742 Ohio, U.S.A. MTec89 Hoopy frood
MTec89 Hoopy frood Joined: Jul 2003 Posts: 742 Ohio, U.S.A.	personally, i dont STORE my passwords at all. http://MTec89Net.com irc.freenode.net #MTec89Net

Link Copied to Clipboard