Posted By

luckygreentiger on 11/20/13


Tagged

php passwords salts


Versions (?)

Who likes this?

1 person have marked this snippet as a favorite

IMPGTX


Function to hash passwords


 / Published in: PHP
 

An attempt for a semi-random salt in a stored password. It's not stored in the database so I believe it would be harder to discover. Samples should be changed.

  1. /* the salt, in this case is determined by the second letter of the
  2. password. the string position can be changed in $strPass[x] and of course
  3. the salts can be changed to different values. standard disclaimers
  4. apply. not promised to work. take the code as-is. if you like, find
  5. errors, or use please let me know at luckygreentiger at gmail */
  6.  
  7. function hashPassword($strPass) {
  8. $value = $strPass[1];
  9. if(preg_match("/^[a-f]+/i", $value)) {
  10. $salt = "!";
  11. }
  12. else {
  13. $salt = "#";
  14. }
  15. if(preg_match("/^[g-m]+/i", $value)) {
  16. $salt = "@";
  17. }
  18. if(preg_match("/^[n-s]+/i", $value)) {
  19. $salt = "$";
  20. }
  21. if(preg_match("/^[t-z]+/i", $value)) {
  22. $salt = "%";
  23. }
  24.  
  25. $strPass .= $salt;
  26. $hash = hash("sha512", $strPass); // sha512 is 128 characters
  27. return $hash;
  28. }

Report this snippet  

You need to login to post a comment.