I am using simple md5($password); format but I want to add salt, so how can I do that?
Here is my code:
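    if ($success)
    {
        $data['firstname'] = $firstname;
        $data['lastname'] = $lastname;
        $data['username'] = $username;
        // Unsalted MD5 hash of the password
        $data['password'] = md5($password);
        $data['email'] = $email;
        $newUser = new User($data);
        $newUser->save(true);
        // PHP variable names are case-sensitive, so this must be $newUser
        $newUser->login($username, $password);
        header("Location: welcome.php");
        exit; // stop the script once the redirect header is sent
    }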
The longer, more complex and more unique to each user you can make the salt, the harder it will be for anyone to get the password (though it's not impossible).
A simple (but poor) salt would be:
    $salt = '10';
A much stronger salt would be:
    $salt = '-45dfeHK/__yu349@-/klF21-1_\/4JkUP/4';
Salts that are unique to the user are even better.
As mentioned in several comments, md5 is an old and relatively poor hashing algorithm; SHA-512 or any of the SHA-2 family would be much better choices.
See this salting question for more detail.
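A per-user salt combined with SHA-512, as the answer above suggests, shown as an added example that is not part of the original post. The function names and the sample password are hypothetical, and it assumes PHP 7 or later for random_bytes(); the last lines show PHP's built-in password_hash(), which the post does not mention.

```php
<?php
// Added example: per-user random salt with SHA-512.
// hashWithNewSalt() and verifySalted() are hypothetical helper names.

function hashWithNewSalt(string $password): array
{
    // 16 bytes from the OS CSPRNG, hex-encoded: a different salt for every user.
    $salt = bin2hex(random_bytes(16));

    // Store BOTH values in the user record; the salt is not a secret.
    return ['salt' => $salt, 'hash' => hash('sha512', $salt . $password)];
}

function verifySalted(string $password, string $salt, string $storedHash): bool
{
    // Recompute with the stored salt; hash_equals() compares in constant time.
    return hash_equals($storedHash, hash('sha512', $salt . $password));
}

// Constructed sample: two users who picked the same password.
$alice = hashWithNewSalt('correct horse');
$bob   = hashWithNewSalt('correct horse');

// Same password, different salts, so the stored hashes differ and one
// precomputed table cannot be reused across accounts.
var_dump($alice['hash'] === $bob['hash']);

// Login check: right password succeeds, wrong password fails.
var_dump(verifySalted('correct horse', $alice['salt'], $alice['hash']));
var_dump(verifySalted('wrong guess', $alice['salt'], $alice['hash']));

// PHP's built-in password API generates a per-user salt itself, embeds it in
// the returned string and uses a deliberately slow algorithm, so only one
// column is needed in the user table.
$stored = password_hash('correct horse', PASSWORD_DEFAULT);
var_dump(password_verify('correct horse', $stored));
```

In the question's code, the `md5($password)` line is where the hash and salt would be produced, with the salt saved in its own field of `$data`.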