HI there
I am thinking of buying your plugin, mainly because I want a secure login system for a social app I am working on.
Can you tell me how secure etc your system is with regards to salting and hashing etc.
Many thanks.
Hi algiz13
ULS is very secure. What it does is like the following:
It hashes the Password with SHA512 algorithm.
Then it makes a random salt by doing this: hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
A totally RANDOM salt that's hashed too.
And then is stores the password like this: hash('sha512', PASSWORD . SALT);
So it puts together the hashes password, and the salt, and then hashes it once more.
I guess it won't get more secure than this... So you won't get problems with anything in the security matter.