Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Other [Solved] Validate Passwords

  • This topic is empty.
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • August 30, 2010 at 3:13 pm #30102
    thisishard
    Member

    I’m in the middle af creating a validation script and I got the the password bit and I have no idea what to allow. My password always get a low rating as i only use letters, but I’m aware that others have much more complex ones. So what characters should i allow?

    Also, whats the best way to store a password in a mysql db? I have always used md5 which converts it to a 32 bit string, but then what happens if the password is more than 32 characters? I think the other way was called salt or something but i don’t know.

    Many Thanks
    Chris

    August 30, 2010 at 3:57 pm #80936
    TheDoc
    Member

    Most that I’ve seen go something like this:

    Minimum 7 characters, at least 1 uppercase and 1 number.

    September 3, 2010 at 7:46 pm #80651
    kevc1973
    Member

    Yes, save the MD5 of the password in the DB. It does not matter the length of the password as the MD5 hash is always be a 128bit value.

    A salt is basically just a hard-coded string that is appended to the password before hashing.

    i.e.
    $salt=”mysalt”;
    $password=”mypass”;
    $myhash=md5($salt.$mypass);

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • The forum ‘Other’ is closed to new topics and replies.