From 9e03a911cbd524d09fec470ba39b87ddf3d0ae03 Mon Sep 17 00:00:00 2001 From: Sean DuBois Date: Wed, 12 Jun 2013 22:02:40 -0500 Subject: [PATCH] fix length string -> fixed-length string --- _posts/07-03-01-Password-Hashing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/07-03-01-Password-Hashing.md b/_posts/07-03-01-Password-Hashing.md index 3640e48..88f6f55 100644 --- a/_posts/07-03-01-Password-Hashing.md +++ b/_posts/07-03-01-Password-Hashing.md @@ -6,7 +6,7 @@ isChild: true Eventually everyone builds a PHP application that relies on user login. Usernames and passwords are stored in a database and later used to authenticate users upon login. -It is important that you properly [_hash_][3] passwords before storing them. Password hashing is an irreversible, one way function performed against the users password. This produces a fix length string that can not be feasibly reversed. This means you can compare a hash against another to determine if they both came from the same source string, but you can not determine the original string. If passwords are not hashed and your database is accessed by an unauthorized third-party, all user accounts are now compromised. Some users may (unfortunately) use the same password for other services. Therefore, it is important to take security seriously. +It is important that you properly [_hash_][3] passwords before storing them. Password hashing is an irreversible, one way function performed against the users password. This produces a fixed-length string that can not be feasibly reversed. This means you can compare a hash against another to determine if they both came from the same source string, but you can not determine the original string. If passwords are not hashed and your database is accessed by an unauthorized third-party, all user accounts are now compromised. Some users may (unfortunately) use the same password for other services. Therefore, it is important to take security seriously. **Hashing passwords with `password_hash`**