Re: Custom Function Password Match Always Triggered

On Dec 21, 2010, at 22:45, John Maxim wrote:

> Hi Ryan what is a wrapper ?

A wrapper is a function that calls another function.

http://en.wikipedia.org/wiki/Wrapper_function

> Does it make it less secure ? but seeing that it has salted added
> doesn't sound like so.

Using a salt makes your hashing *more* secure. If you store unsalted hashes in your database, and a hacker manages to get access to that database, they could possibly figure out the original passwords, for example using rainbow tables. That's why you want to use a salt -- to prevent that attack possibility.

http://en.wikipedia.org/wiki/Rainbow_table

CakePHP provides the Security::hash() method so that you can use it to hash with salt, so that you don't have to manually deal with adding salt every time you want to compute a hash.

http://en.wikipedia.org/wiki/Don%27t_repeat_yourself

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en