You guys know that I’m not a cryptography expert. In fact, I didn’t use hashing and salting well until my second year as a programmer during college.
It’s recently come to my attention that using MD5 or SHA as your hashing methods is not good enough.
Alright, I’m the first to admit that I’ve done my share of plaintext saving passwords to the database. Not my proudest hour. Then of course the software I was working on wasn’t exactly for a nuclear silo, just a simple ice cream store.
Still! I’ve searched the web and after a bit of elbow grease I came up with this simple and easy to follow example on how to hash and salt your passwords.
If you’d like to know what hashing and salting is, Google it.
Basically it turns this: