Online
71342 days on xHamster
42583M profile views
78662K subscribers
33560 comments left

Validating a password in php

This method provides an abstracted way of hashing your password based on a substring of the last modified date of your user login entry.

You may consider storing your user’s created date as a TIMESTAMP as opposed to an UNSIGNED INT because of the Year 2037 Bug.

The benefit of using random salts is that a compromised account will have no adverse effect on the remainder of accounts due to the uniqueness of the salts on a per user basis.

Salting your passwords prior to hashing (MD5, SHA1, , etc.) hinders such attacks by increasing the amount of storage and computation required to crack your password.

For a full listing of supported hashing algorithms, take a look at hash_algos.

Some ISP providers IP addresses for a given amount of time before expiration (generally for the duration of their online session) while others may utilize numerous proxies.

One solution you can implement to alleviate the static IP issue is to take a substring of the IP address and use the the first 3/4 of an IPv4 address (24 bits / 3 bytes / third octet).

The primary concern with a singular unique salt for any number of stored passwords is that once figured out, the salt becomes utterly useless.

Please or register to post comments
If spammers comment on your content, only you can see and manage such comments Delete all

Validating a password in php introduction

Validating a password in php

Recent posts

25-Jul-2018 00:32
25-Jul-2018 08:16
25-Jul-2018 19:14
26-Jul-2018 01:34