|
|
|
|
|
|
by gsoltis
5477 days ago
|
|
|
A variation on this is to use a random salt with each password that you store. Your auth process then becomes: 1. check the username 2: if the user exists, prepend the salt stored in the user row to supplied password, check against stored hash. At the very least, you will make it harder for someone to crack all of your passwords by computing one table with a single salt. |
|
|