Kjapp og trygg hosting for Wordpress

Salt i passord

solo

Medlem
Hei,

Hvordan er det egentlig dette med salt i passord skal lagres i en database?
Jeg har nå to felt i tabellen for "customers":
- customer_password
- customer_salt

Skal jeg lagre passordet som en sha1 av passord og salt?
Også lagre salt i klartekst i eget felt?

Kode:
  // Generate salt
   $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
   $charactersLength = strlen($characters);
   $randomString = '';
   for ($i = 0; $i < 10; $i++) {
     $randomString .= $characters[rand(0, $charactersLength - 1)];
   }
     $inp_customer_salt = $randomString;
     $inp_customer_salt_mysql = quote_smart($link, $inp_customer_salt);
   
   // Password
   $inp_customer_password = $_POST['inp_customer_password'];
   $inp_customer_password = output_html($inp_customer_password);
   $inp_customer_password = $inp_customer_password . $inp_customer_salt;
   $inp_customer_password = sha1($inp_customer_password);
   $inp_customer_password_mysql = quote_smart($link, $inp_customer_password);
 
Topp