Home/ Questions/Q 8064189
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T11:17:54+00:00

I am reading up on different techniques to secure passwords. I am aware that

  • 0

I am reading up on different techniques to secure passwords. I am aware that no matter what precautions you put in place you are in the long run only slowing down a determined hacker. I have looked into the use of bcrypt in PHP and also PBKDF2.

Ignoring how you create your hash for now. Would it be any use if a set of say 4 or more randomly choosen ASCII characters where entered into the hash at predetermined positions. Are there different length hashs? So you could make one type say md5 look like another if you just counted the number of chars?

I understand that this again only slows down someone knows you are doing this and they obtain the positions you are using to place random characters?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There is no point in placing random character in the hash to make it secure. Because eventually you have to find the actual hash and compare with the generated one that is calcualted from users input.

    Better, use a seed for the hash. Suppose hash is a generic function and $seed is a seed you can do this,

    $seed = 'a_constant_value';
$seeded_hash = hash( $seed . $password );

    If you dont want the seed to be a constant, add another credential from the user to the hash.

    $seed = 'a_constant_value';
$user_credential = 'any_data_of_this_user';
$seeded_hash = hash( $seed . $user_credential. $password );

    Here make sure this user credential is constant for each user. It can be users birthdate, blood group.

    • 0