As using plain md5 isn't very secure and security is such a big thing on the web now would it be possible to implement a different algorithm to encrypt passwords?
For example add a "salt" to the md5'd password:
Usage would be something like:
Also to update the current users passwords wouldn't be too difficult to do with a simple script, if you decided to add something like this.
For example add a "salt" to the md5'd password:
Code:
/*-----------------------------------------------------------*/
// Create a 5 character password salt
/*-----------------------------------------------------------*/
function generate_password_salt($len=5)
{
$salt = '';
for($i = 0; $i<$len; $i++)
{
$num = rand(33, 126);
if ($num == '92')
{
$num = 93;
}
$salt .= chr($num);
}
return $salt;
}
/*-----------------------------------------------------------*/
// Compile the users password
/*-----------------------------------------------------------*/
function generate_compiled_password($salt, $md5_password)
{
return md5(md5($salt).$md5_password);
}
Code:
$encrypted = generate_compiled_password($salt, md5($password));