By: Ricehigh

Ricehigh — Sun, 17 Jan 2010 13:24:36 +0000

Yes, it does seem that similar solutions has been proposed by others. Still, I hope that this guide has been useful for you.

The confusion of the unused constant SECURE_SALT, arises because I erroneously called the constant SECURE_SALT, instead of the FIXED_SALT, which is the constant we defined at the very beginning of the script.

The failure has been corrected in the downloadable file, and will be corrected throughout the article in the next couple of days.
I apologize for the confusion this may have caused.

By: feha

feha — Sun, 17 Jan 2010 12:54:34 +0000

Hi
I really like your function generating random salted hash that still works
http://guides.ricehigh.dk/files/password.php
I just wonder what SECURE_SALT constant does as it is not defined anywhere ? (bug ?)
I don’t know but I think this solution was presented long time before:
http://phpsec.org/articles/2005/password-hashing.html

And what about :
https://gist.github.com/154619/dfcf313301a88f1feef64470b3248e275413c20e ?

Comments on: Password hashing

By: Ricehigh

By: feha