|
|
|
|
|
|
by niekmaas
5121 days ago
|
|
|
Why would you use the email? Mostly when passwords/usernames are stolen the email is there too. For my site I have an unique 128-bit token for every user. I also have a 128-bit site_key (which is in the application, not db) and mix those with the password and then hash. |
|
|