Click here to Skip to main content
15,899,634 members
Search within:


comment's on security
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
SQL
PHP
Hy!
iam going to decide to SHA_512 with salt in my web project.
ut iam still in confiusion that there is some problem in it..
the hashing algorithm just hash the data before saving it in to the database something like ( 45454dsdsd54d4sd ).
how can the admin know about the user password?
how can he access to his personal data/profile?

if there is anothr way to secure the user input data in web please tell me...
Thank's.
Posted
Add a Solution
Comments
bbirajdar 4-May-13 14:52pm    
Design the system in such a way that admin can access the user data other than the password...The password should be hashed and should not be available to any other person than the user

1 solution

No admin in the world is supposed to get access to a user password; and it is never needed; thinking a password can be accessed means total misunderstanding of the very basic idea of the password-based authentication.

For further detail, please see my past answers:
i already encrypt my password but when i log in it gives me an error. how can decrypte it[^],
Decryption of Encrypted Password[^],
storing password value int sql server with secure way[^].

[EDIT]

With PHP, please start here: http://php.net/manual/en/function.hash.php[^].

—SA
 
Share this answer
 
Posted
Updated 6-May-13 7:30am
v2
Comments
msz900 6-May-13 12:35pm    
Thank's For All The Replay's.
it's quite helpful..


Can Any one tell me that from where i can start?
Can any one has a resource which give me an idea of starting a SHA-512 algorithm with Salt?
Sergey Alexandrovich Kryukov 6-May-13 13:31pm    
Yes, please see the updated answer, after [EDIT].
—SA
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Ajax on youtube comment....
Add comment into sql Database
problem in sending captcha in comments
Sensitive cookies not marked as secure
Securing an C++ API with POCO
Integral Security Valildationin Connection Pooler
How to add security to a web page?
How to secure my C++ API?
Security flaws caused by compiler optimizations?
How to secure appsetting.json angular web site

Advertise
Privacy
Cookies
Terms of Use
Last Updated 6 May 2013
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-05-14:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900