[pLog-svn] Salted MD5
Mark Wu
markplace at gmail.com
Tue Mar 11 02:04:58 EDT 2008
** sha2($salt + sha2($password + $salt))
I consider this before, the problem is I have to keep the compatibility.
In lieftype 1.2.x and before, the $password is stored in database with
md5($password)...
So, any algorithm have to based on this, like
sha2($salt + md5($password) + sha2($salt)) or
sha2(md5($password) + $private_key)
Or, there is no way for us to upgrade.... since we can not get the original
plain text password
Unless we leave an option for user( administrator) to use the old algorithm.
Mark
_____
From: plog-svn-bounces at devel.lifetype.net
[mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Matt Wood
Sent: Tuesday, March 11, 2008 1:49 PM
To: LifeType Developer List
Subject: Re: [pLog-svn] Salted MD5
More information about the pLog-svn
mailing list