Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Best practices for secure passwords
Best practices for secure passwords
  • El Forum
    Guest
  •  
#5
08-05-2009, 07:23 AM

[eluser]Adam Griffiths[/eluser]
Dynamic salts should never be used on their own, for the very reason stated above, if somebody had a hold of the database, then they have the dynamic salt. So dynamic salts (in my opinion) should always be used with a static salt.

But of course even if somebody did have a hold of the database, they wouldn't necessarily be able to find the suers password because they have no idea how you used the salt. You could have split the password into three parts, put the dynamic salt in the first break and the static salt in the second break.

You should never be limited to just putting salts on the end or at the beginning of strings.


Messages In This Thread
Best practices for secure passwords - by El Forum - 08-05-2009, 04:56 AM
Best practices for secure passwords - by El Forum - 08-05-2009, 05:37 AM
Best practices for secure passwords - by El Forum - 08-05-2009, 06:08 AM
Best practices for secure passwords - by El Forum - 08-05-2009, 06:16 AM
Best practices for secure passwords - by El Forum - 08-05-2009, 07:23 AM
Best practices for secure passwords - by El Forum - 08-05-2009, 07:54 AM
Best practices for secure passwords - by El Forum - 08-05-2009, 08:08 AM



Theme © iAndrew 2016 - Forum software by © MyBB