Kevin M Posted June 5, 2007 Share Posted June 5, 2007 I've heard it's a good idea to salt your encryptions that you get using md5 or sha1. I understand how to salt the encryption fine, that's not my question. This is my question:Should I just pick some random combination of numbers for my salt? I realize it would have to be the same on all pages and in the database, but I mean choosing a salt. Or would it be a good idea to sha1 or md5 a random phrase? I know that it's hard to get passed the php ecryption functions, but I want to have some uber security on my application.Thanks,Kevin Link to comment Share on other sites More sharing options...
vijay Posted June 5, 2007 Share Posted June 5, 2007 Hi.. If am not wrong then you are talking about to generate your own random number to navigate site, yes if you can but it must strong and not predictable via try and error or any guess..Regards,Vijay Link to comment Share on other sites More sharing options...
Hooch Posted June 5, 2007 Share Posted June 5, 2007 Have a look at this thread.http://w3schools.invisionzone.com/index.ph...c=10071&hl=Hope it helps. Link to comment Share on other sites More sharing options...
zppblood Posted June 6, 2007 Share Posted June 6, 2007 Salts can help stop things such as rainbow tables if they got access to the hashes of your users. You can use one that you create a string/number/etc. that goes with all users, create a random string for each user, and one I read (pretty sure justsomeguy said this) was use information gained from the user such as date/time joined, or user id. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.