Hello, UMumble! Once, I was faced with a choice in the process of developing an authentication system for my project. Namely, what is the best way to store user passwords in the database? Many options came into my head. The most obvious were:

1. Storing the passwords as a plain text in a database.
2. Using regular hashes, such as crc32, md5, and sha1.
3. Using crypt() function.
4. Using the statical salt as type of structure md5(md5($ pass)).
5. Using the unique salt for each user.

The first and second options I had to eliminate for several reasons right away.
Pirat 4 may 2012, 20:45