I am VERY disappointed right now!
I'm working for a friend on your script, and the first thing I was planning to do was give MD5 a salt so that it would be a little more secure and this is the first line I see.
$username = $_POST["username"]; $pass1 = $_POST["pass1"]; $pass2 = $_POST["pass2"]; Why? Why is this not secure D< and you're inserting this RIGHT into the DB. I know you didn't build this script yoursefl, but just improved on it, but please, add some more security next update. |
Well I know what you are talking about. The dev staff are indeed working on this problem right now, after a programmer called Noseatback pointed it out. The new script will be using a combination of MD5, SHA1 and Salt to secure user password(maybe pepper too), if you wanna know.
|
Sounds great! I feel much better.
|
All times are GMT -5. The time now is 11:49 PM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.