Forums / Cotonti / Development / Genoa improved security

password storage in database hash

GHengeveld
#34753 23.06.2012 14:47

The mainurl isn't secret or random, so I don't think it's a useful addition. The current idea is to use hash('sha256', $cfg['salt'].$user_salt.$user_password) with $cfg['salt'] being optional and $user_salt being randomly generated by cot_unique() when the password is changed.
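
The scheme described in the post above, as an added PHP example that is not part of the original post and not Cotonti's own code. `make_user_salt()` is a hypothetical stand-in for `cot_unique()` (built here on `random_bytes()`), and the function names, row layout and sample values are constructed for illustration.

```php
<?php
// Added example; not Cotonti code. All sample values are constructed.

// Hypothetical stand-in for cot_unique(): the real function is not shown on the page.
function make_user_salt(int $bytes = 16): string
{
    return bin2hex(random_bytes($bytes));
}

// The construction from the post: sha256(site salt . user salt . password).
function hash_password(string $password, string $userSalt, string $siteSalt = ''): string
{
    return hash('sha256', $siteSalt . $userSalt . $password);
}

// Run whenever the password is set or changed: a fresh per-user salt each time.
function set_password(string $password, string $siteSalt = ''): array
{
    $userSalt = make_user_salt();
    return [
        'salt' => $userSalt,
        'hash' => hash_password($password, $userSalt, $siteSalt),
    ];
}

// Login check: recompute with the stored salt and compare in constant time.
function verify_password(string $password, array $row, string $siteSalt = ''): bool
{
    return hash_equals($row['hash'], hash_password($password, $row['salt'], $siteSalt));
}

$cfg = ['salt' => 'constructed-site-salt']; // optional in the scheme; may be ''

$alice = set_password('correct horse', $cfg['salt']);
$bob   = set_password('correct horse', $cfg['salt']);

// Same password, two users: do the stored hashes collide?
var_dump($alice['hash'] === $bob['hash']);
// Correct password with the stored salt.
var_dump(verify_password('correct horse', $alice, $cfg['salt']));
// Wrong password.
var_dump(verify_password('wrong guess', $alice, $cfg['salt']));
// Correct password, but the site-wide salt is missing or was changed.
var_dump(verify_password('correct horse', $alice, ''));
```

The last check shows the operational consequence of the optional `$cfg['salt']`: because it is mixed into every hash, changing or losing it stops all stored hashes from verifying.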