Re-Hash user database
I was wondering if there was a method to change the way my site hashed
passwords. My coder friend wasn't the smartest when he didn't add salts to
the sha512 hash. So now it is very insecure and I wish to change that. I
was thinking about making some complicated code to rehash when someone who
has the old hash type logs in and it would set the variable to true after
adding a salt. Or I could take the currently hashed passwords and somehow
fuse a salt into them. I would rather not reset my user database if I
don't have to. Any idea would help. I am also quite the php noob so please
explain if you include code.
It is Hashed using this method.
<?php hash('sha512',"passwordhere") ?>
No comments:
Post a Comment