599
Comment:
|
1068
Added salt
|
Deletions are marked like this. | Additions are marked like this. |
Line 28: | Line 28: |
(none yet!) | A good idea is to include a 'salt' with the hash as well, which will prevent people using a dictionary with md5 hashes of common passwords. When you check a password, just add the salt to the front of the password and hash it. The salt can be any random string. Something like this: {{{ #!python import md5 key_string = "SecretPassword" salt = "1Ha7" hash = md5.new( salt + key_string ).hexdigest() print "%s:%s" % (salt, hash) # Store these }}} AnthonyBriggs |
MD5 Passwords
It's very easy to create MD5 passwords with Python-
You just:
ex: "robots" turns into "27f5e15b6af3223f1176293cd015771d"
The "hexdigest" form is the form you frequently find used in databases and in online forums.
See Also
[http://bfl.rctek.com/tools/?tool=hasher an on-line MD5 generator] - create MD5 values from keys, online
Discussion
A good idea is to include a 'salt' with the hash as well, which will prevent people using a dictionary with md5 hashes of common passwords. When you check a password, just add the salt to the front of the password and hash it. The salt can be any random string.
Something like this: