Re: [PHP] crypt salt question
- From: Satyam@xxxxxxxxxxxxx ("Satyam")
- Date: Fri, 31 Aug 2007 00:00:14 +0200
No chance. Unless you have the salt stored along each password, your passwords are as good as random texts
Satyam
----- Original Message ----- From: "Andras Kende" <andras@xxxxxxxxx>
To: <php-general@xxxxxxxxxxxxx>
Sent: Thursday, August 30, 2007 11:42 PM
Subject: [PHP] crypt salt question
Hello,
I'm trying to move some app from postgresql to mysql but unable to find out
how to authenticate
against the current crypted passwords with php..
insert to database:
$cset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
$salt = substr($cset, time() & 63, 1) . substr($cset, time()/64 & 63, 1);
$password = crypt($password, $salt); //pass crypted version of password
for further processing
$result = pg_query ("INSERT INTO users (username, password) VALUES
('$username', '$password')");
I read the crypt is one way encryption but how to compare the password
entered with the encrypted
version if don't know the salt ??
Thanks,
Andras
--------------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.484 / Virus Database: 269.12.12/979 - Release Date: 29/08/2007 20:21
.
- Follow-Ups:
- RE: [PHP] crypt salt question
- From: "Andras Kende"
- RE: [PHP] crypt salt question
- References:
- crypt salt question
- From: "Andras Kende"
- crypt salt question
- Prev by Date: crypt salt question
- Next by Date: RE: [PHP] crypt salt question
- Previous by thread: crypt salt question
- Next by thread: RE: [PHP] crypt salt question
- Index(es):
Relevant Pages
|
