Comments on: Password Salting Techniques http://www.andymadge.com/2009/08/password-salting-techniques/ Nothing to see here, move along… Wed, 02 Jun 2010 19:53:52 -0400 http://wordpress.org/?v=abc hourly 1 By: Kamasa http://www.andymadge.com/2009/08/password-salting-techniques/comment-page-1/#comment-828 Kamasa Wed, 02 Jun 2010 19:53:52 +0000 http://www.andymadge.com/?p=163#comment-828 absolute right Gary, and also its better to have static string instead of any changeable thing absolute right Gary, and also its better to have static string instead of any changeable thing

]]> By: AndyM http://www.andymadge.com/2009/08/password-salting-techniques/comment-page-1/#comment-710 AndyM Mon, 22 Feb 2010 10:18:48 +0000 http://www.andymadge.com/?p=163#comment-710 Good point, I guess it makes more sense to use a static string in the salt rather than something that may change. Thanks for the heads-up. Good point, I guess it makes more sense to use a static string in the salt rather than something that may change.

Thanks for the heads-up.

]]> By: Gary http://www.andymadge.com/2009/08/password-salting-techniques/comment-page-1/#comment-709 Gary Mon, 22 Feb 2010 01:04:55 +0000 http://www.andymadge.com/?p=163#comment-709 One obvious gotcha if you use the email as part of the salted password is that if a user updates the email address on their account, then a new salted password would also need to be recalculated and stored. One obvious gotcha if you use the email as part of the salted password is that if a user updates the email address on their account, then a new salted password would also need to be recalculated and stored.

]]>