Password Storage
H. S. Teoh via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Fri Nov 27 08:09:49 PST 2015
On Fri, Nov 27, 2015 at 02:51:30PM +0000, Adam D. Ruppe via Digitalmars-d-learn wrote:
> On Friday, 27 November 2015 at 07:46:33 UTC, H. S. Teoh wrote:
> >1) The server stores password01 in the user database.
>
> I still wouldn't actually store this, hash it anyway and use that as
> the new "password".
True, so you'd store hash(password01) in the database, and compute
hash(X + hash(password)) during authentication.
T
--
It is of the new things that men tire --- of fashions and proposals and improvements and change. It is the old things that startle and intoxicate. It is the old things that are young. -- G.K. Chesterton
More information about the Digitalmars-d-learn
mailing list