Jump to content

Search the Community

Showing results for tags 'sha1'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • W3Schools
    • General
    • Suggestions
    • Critiques
  • HTML Forums
    • HTML/XHTML
    • CSS
  • Browser Scripting
    • JavaScript
    • VBScript
  • Server Scripting
    • Web Servers
    • Version Control
    • SQL
    • ASP
    • PHP
    • .NET
    • ColdFusion
    • Java/JSP/J2EE
    • CGI
  • XML Forums
    • XML
    • XSLT/XSL-FO
    • Schema
    • Web Services
  • Multimedia
    • Multimedia
    • FLASH

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Languages

Found 2 results

  1. Hi all I would like to know whether it is possible or not to build a secure inlog script. The script I have as example is mainly in php. I read a couple of tuts online and watched some youtube video's and discovered that both javascript and php are used. I dont know much about encryption but more and more questions are rising ..... Is it true that it is possible to add javascript encryption wen you want a user to login ? My own idea is that this looks quite insecure as anybody can see the encryption code. I have more questions but first i would like to know this if possible.
  2. Before I begin, I tried to do some research about this subject (the Search field seems its broken and through google was a little bit painful) in the forum, so I'd like to apologise if I'm repeating it once again. I have read some articles about hashing passwords saying that md5 and sha1 are no longer safe and should use better hashing algorithms, how to hash passwords properly by avoiding double hashing, hashing with different algorithms etc etc, so I 've come up with some questions/spots that I haven't cleared them out completely. 1. Doing just this is consinder no safe, although md5 and sha1 cannot be reversed: $password=md5('my_sercretpassword123'); //for instance my password is my_sercretpassword123 although its a bad practice$password=sha1('my_sercretpassword123'); My first question is If I use one of these, using a salt isn't consider safe? eg: $password= 'my_sercretpassword123';$salt = 'lorem_ipsumd0l0rs1t@m3tc0ns3ct3tur@d1p1sc1ng3lit';$password = md5($password.$hash); //same with sha1 If anyone manages to crack this hash, will get the string 'my_sercretpassword123lorem_ipsumd0l0rs1t@m3tc0ns3ct3tur@d1p1sc1ng3lit', which isn't the actual password, right? 2. Supposing the 1st option note is not approved, then I guess I have use a better hashing algorithm like whirlpool or sha256, sha512 ect etc. So If I apply the same functionality like this: $password= 'my_sercretp@ssword123';$salt = 'lorem_ipsumd0l0rs1t@m3tc0ns3ct3tur@d1p1sc1ng3lit';$hashed_password = $password.$hash;$hashed_password = hash('whirlpool',$hashed_password); is it safe enough or I have better come with something more difficult?? I tried to google for some tutorials on this, just to get some ideas, but most of them, if not all, use plain md5 or sha1. Could you give me some examples or ideas on that?
×
×
  • Create New...