I found this password algorithm on a website that's giving tutorial on how to safely secure passwords from hackers that can manipulate sha1 and md5 hashes

He added salt to the password and I think the salt don too much for the password self


This is the algorithm

$password=validate($_POST['password']); // validate is a user defined function that contains strip_tags, htmlspecialchars and all that
$salt="F±:9x;a|6%[`U”Y_?v~0o'!÷d\N";
$pass1=sha1($salt.$password);
$pass2=md5($salt.$password);
$hash="$pass1$pass2";

The $hash the wat to be saved in database // no sane hacker will crack this easily I know but isn't this too much?

0luwatope:
I found this password algorithm on a website that's giving tutorial on how to safely secure passwords from hackers that can manipulate sha1 and md5 hashes

He added salt to the password and I think the salt don too much for the password self


This is the algorithm

$password=validate($_POST['password']); // validate is a user defined function that contains strip_tags, htmlspecialchars and all that
$salt="F±:9x;a|6%[`U”Y_?v~0o'!÷d\N";
$pass1=sha1($salt.$password);
$pass2=md5($salt.$password);
$hash="$pass1$pass2";

The $hash the wat to be saved in database // no sane hacker will crack this easily I know but isn't this too much?

Lool.. Is too much, though i love the codes, it remembered me when i use to be on php

It can still be cracked. The safe way is to make use of mycrypt encryption. Key based encryption.

coolsix:
It can still be cracked. The safe way is to make use of mycrypt encryption. Key based encryption.

Does that mean if I ue a key based encryption, I'll be able to decrypt it with that same key.... I don't want to encrypt or decrypt, I want one way hashing, according to my kid knowledge, that salt should act as the key

0luwatope:

Does that mean if I ue a key based encryption, I'll be able to decrypt it with that same key.... I don't want to encrypt or decrypt, I want one way hashing, according to my kid knowledge, that salt should act as the key

One way hashing can still be dehashed! Yes, i have seen a few cases even with salt.

But the stronger the salt, the stronger the hashing.

coolsix:


One way hashing can still be dehashed! Yes, i have seen a few cases even with salt.

But the stronger the salt, the stronger the hashing.

eleyi giidi gan..... No need to ask questions jhoooor.... My God protect my website