I was looking for best practices for password protection; everybody is talking about bcrypt and other hashing classes. But I can't get how to verify a password if it contains a unique random salt.
For cookies it's fine, but without them, each time there would be a unique crypted value, so how can I verify a user's password with random values? Oo. Or is bcrypt only for cookies?
Then what should I do with the password in the DB?
Please describe to me my mistakes – what I’ve lost when learning about it.
The bcrypt algorithm creates a random salt that is stored as part of the hash in a standardised way.
See "How do you use bcrypt for hashing passwords in PHP?" for a working example.
See also:
(edited heavily since my answer was wrong before)
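The following is an added example, not code from the original answer or from the linked question. It shows why a random salt does not prevent verification: the salt and cost are read back out of the stored string at login. The helper names (`bcrypt_parts`, `register_user`, `check_login`) and the sample password are assumptions made up for illustration.

```php
<?php
// Added illustration: the bcrypt string is "$2y$<cost>$<22-char salt><31-char digest>".

/** Split a bcrypt string into its fields so the embedded salt is visible. */
function bcrypt_parts(string $hash): array
{
    $re = '/^\$(2[abxy])\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})$/';
    if (!preg_match($re, $hash, $m)) {
        throw new InvalidArgumentException('not a bcrypt hash');
    }
    return ['version' => $m[1], 'cost' => (int) $m[2], 'salt' => $m[3], 'digest' => $m[4]];
}

/** Registration: returns the one string to store in the DB (salt included). */
function register_user(string $password): string
{
    // A fresh random salt is generated on every call.
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
}

/** Login: the stored string supplies version, cost and salt for the recomputation. */
function check_login(string $password, string $stored): bool
{
    return password_verify($password, $stored); // constant-time comparison inside
}

$password = 'correct horse battery staple';   // constructed sample input
$stored   = register_user($password);
$again    = register_user($password);

// Same password, two different stored strings, because the salts differ.
printf("hash 1: %s\nhash 2: %s\n", $stored, $again);
printf("salt 1: %s\nsalt 2: %s\n", bcrypt_parts($stored)['salt'], bcrypt_parts($again)['salt']);

// Both stored strings still verify the same password; a wrong guess does not.
var_dump(check_login($password, $stored), check_login($password, $again));
var_dump(check_login('wrong guess', $stored));

// What verification does under the hood: re-run bcrypt with the settings
// taken from the stored string and compare the result to that string.
var_dump(hash_equals($stored, crypt($password, $stored)));

// If the cost is raised later, rehash at the next successful login.
if (check_login($password, $stored)
    && password_needs_rehash($stored, PASSWORD_BCRYPT, ['cost' => 13])) {
    $stored = password_hash($password, PASSWORD_BCRYPT, ['cost' => 13]);
}
```

Only the single string returned by `password_hash()` goes into the database; no separate salt column is needed.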