2006-06-18, 12:39 PM
2006-06-18, 12:43 PM
Please take a look at this thread.
2006-06-18, 12:49 PM
Hey,
Well the way mybb deals with passwords is so simple but strong.
The password in the database is stored hased, by going through through some procedure whihc is md5() of the the md5() of the real password, added to the md5() of the salt. So it is something like md5(md5($salt).$password);.
The login key, is mainly to ensure clean handling of the cookies while logining in, so in case the salted password which will be in the cookie was different than the login key, the login attempt will fail.
regards
GOSH I WAS SLOW
Well the way mybb deals with passwords is so simple but strong.
The password in the database is stored hased, by going through through some procedure whihc is md5() of the the md5() of the real password, added to the md5() of the salt. So it is something like md5(md5($salt).$password);.
The login key, is mainly to ensure clean handling of the cookies while logining in, so in case the salted password which will be in the cookie was different than the login key, the login attempt will fail.
regards
GOSH I WAS SLOW
2006-06-18, 06:18 PM
Thx guys.you can lock this.