How strong do salts need to be?

L

lekkhjilbbgbe

New Member
How strong do salts need to be? At the moment I use this function to generate a "unique" salt upon user registration:\[code\]$salt = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyz'), 0, 12);\[/code\]I then hash it with \[code\]sha1\[/code\] along with the password.What do you think?PS. I'm not planning on getting MySpace big.
 
You must log in or register to reply here.
Back
Top