|
|
|
|
|
|
by dchest
3667 days ago
|
|
|
Rather than expecting the password hash library to store something into your application DB, you should be managing the access to that DB yourself. You do manage it yourself. Password hashing library doesn't access your database, it produces a string that you store, which includes salt and password hash. In our case, we use an immutable attribute of each user as their hash What? You really need to talk to security-competent people. |
|
|