Re: Alternatives to storing a user's password in your database

Author: MB Software Solutions, LLC

Posted: 2011-12-20 at 17:25:40

On 12/20/2011 5:17 PM, John Weller wrote:

> I have a routine which pads the password to a fixed length of, say, 20

> characters with a standard string of punctuation. I then take the ASCII

> value of the first character and use it as a seed for a RAND() function. I

> take the resulting fraction and multiply it by the ASCII value of the second

> character then take the integer value and use it as the seed for another

> RAND() repeating until the end of the string is reached. The final fraction

> is then multiplied by 10,000,000 and the integer stored. When a user enters

> their password I repeat the process and compare the result with the stored

> value. I defy anyone to recover the password from the stored value :-).

>

> If you want the code let me know.

Good Lord, man....impressive!

--

Mike Babcock, MCP

MB Software Solutions, LLC

President, Chief Software Architect

http://mbsoftwaresolutions.com

http://fabmate.com

http://twitter.com/mbabcock16

_______________________________________________

Post Messages to: ProFox@leafe.com

Subscription Maintenance: http://leafe.com/mailman/listinfo/profox

OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech

Searchable Archive: http://leafe.com/archives/search/profox

This message: http://leafe.com/archives/byMID/profox/4EF10B64.7000805@mbsoftwaresolutions.com

** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.

©2011 MB Software Solutions, LLC