PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hi, I was bored yesterday and came up with this idea for password encryption.
Basically, take the password that the user supplies at registration and split it into individual characters. Assign a number to each character and then combine all the resulting numbers into a string. So instead of 2+2 = 4, 2+2 = 22. Then take this string and use it as a SALT for the md5 hashing of the pw.
This is the function that I made to achieve this. Please, comment on it because I'm pretty sure that there is a much more elegant way to achieve this or I did something wrong somewhere. Haven't had time to test it out yet.
Actually, nevermind with the $alphabet nonsense. I was too busy thinking about Python's translation tables that I missed what might be a much better solution.
A salt should be unique to each user. This way, two identical passwords are not stored as the same hash in the database. Your salting function would still result in identical passwords being identical hashes.
But for a more elegant approach to your function (this still doesn't account for symbols, spaces, tabs, and other characters)
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Thanks for the input. I neglected to think that far. My main concern with the random SALT method is that the SALT needs to be stored in the DB anyway, and if so then if someone has access to the DB can still get the value of the SALT for that specific user. Therefore, bypassing the need for the SALT in the first place...
The salt + password combo will be stored in the database as an md5 hash. The salt can be recomputed from the user's login form information. To make it unique per user, you could use a combination of username and password to create the salt.