Passwords Security

2/5/2016 3:37:50 PM
PHPRunner General questions
stiven author

Hello everyone,
I am building a new application with dynamic permissions. Within the PHPRunner application I added an admin user and built the application. When I tried to log in with the user created in the application, it keeps telling me invalid login. I created a new user on the registration page with the same password. I went to the database and noticed that the passwords do not match. Then I created another user, this time in phpMyAdmin, with the same password using MD5. Then the password from the registered user matched the one added through phpMyAdmin. My thought on this is that when adding an admin user within the PHPRunner application, another type of hash is used than the one used on the login and register pages.
I have also been researching and have found out that MD5 is not the best way to store passwords in the database. Most of the suggestions found online are to use SHA256 with a unique salt for every user. Has anyone implemented this suggestion successfully in a PHPRunner project?
Thank you,

Stivens

romaldus 2/10/2016





http://www.asprunner.com/forums/topic/23530-more-secure-data-encryption/

stiven author 2/10/2016

That is actually for encrypting data, which I am currently using for some fields. But passwords should be one-way hashed instead of encrypted.
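
The salted, one-way storage asked about in this thread, as an added example that is not part of the original posts and is not PHPRunner code: it verifies existing unsalted MD5 rows and replaces them with a per-user salted hash at the next successful login. It uses PBKDF2-HMAC-SHA256 (a choice made for this example, in place of a single SHA256 pass); the `pbkdf2$` storage format, the iteration count, the function names and the in-memory `$users` array are assumptions, and PHP 7.1 or later is assumed.

```php
<?php
// Added example, not PHPRunner code. $users is a constructed stand-in for the
// users table: login name => stored password value.
const ITERATIONS = 600000;   // assumed work factor; tune for your hardware
const PREFIX = 'pbkdf2$';    // hypothetical marker for upgraded rows

// Derive a salted hash: pbkdf2$<iterations>$<salt hex>$<derived key hex>
function hashPassword(string $password): string
{
    $salt = random_bytes(16);  // unique random salt for every user
    $dk = hash_pbkdf2('sha256', $password, $salt, ITERATIONS, 32, true);
    return implode('$', ['pbkdf2', ITERATIONS, bin2hex($salt), bin2hex($dk)]);
}

function verifyPassword(string $password, string $stored): bool
{
    if (strpos($stored, PREFIX) !== 0) {
        // Legacy row: unsalted MD5 hex, compared in constant time.
        return hash_equals($stored, md5($password));
    }
    $parts = explode('$', $stored);
    if (count($parts) !== 4) {
        return false;          // malformed row: fail closed
    }
    [, $iter, $saltHex, $hashHex] = $parts;
    $dk = hash_pbkdf2('sha256', $password, hex2bin($saltHex), (int) $iter, 32, true);
    return hash_equals(hex2bin($hashHex), $dk);
}

// Check the login; a legacy MD5 row is replaced after one successful login.
function login(array &$users, string $name, string $password): bool
{
    if (!isset($users[$name]) || !verifyPassword($password, $users[$name])) {
        return false;
    }
    if (strpos($users[$name], PREFIX) !== 0) {
        $users[$name] = hashPassword($password);
    }
    return true;
}

$users = ['admin' => md5('S3cret!pass')];           // constructed legacy row
var_dump(login($users, 'admin', 'wrong-guess'));    // wrong password
var_dump(login($users, 'admin', 'S3cret!pass'));    // correct password, legacy path
var_dump(strpos($users['admin'], PREFIX) === 0);    // has the row been upgraded?
var_dump(login($users, 'admin', 'S3cret!pass'));    // correct password, salted path
```

The password column must be wide enough for the longer value (about 110 characters in this format); a column sized for a 32-character MD5 digest would truncate it and break every later login.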