9 comments on “Don’t save your passwords as plaintext. Hash them – salt them – save them.”

  1. This was a bit unnecessary:


    if (hashValue == hashedValueFromDatabase)
        return true;
    else
        return false;

    Why didn’t you just type this?


    return ( hashValue == hashedValueFromDatabase);

    • Thanks for sharing! I’ll definitely take a look and see how to use it. It seems like the best tool right now because it gently inconveniences the end users, but strongly messes with crackers.
