What is the best way to store a pwd into a dbase? I guess it is hashing it. Read a lot regarding this issue to use md5 for it, but can i use AES for it also? And what is that salt thing doing? And then, there is more, What is the best way to request a login and pwd from a user (client level) without using https or ntlm or something like that, just a clean html / asp thing.
View RepliesI have a dbase containing login details for 21,000 members. I also have a
forum that I am about to implement.
When the user gets to the main site, he has to login (this is done by
checking his credentials against DB1) When he is logged in, all his details
are stored in session variables. Clicking on the forum link will take him to
the forum where he has to log-in or register. Currently, the forum checks
cookies to see if there is a valid name and password and then checks these
against it's own DB (herein called DB2) or requires the user to
login/register
I plan to modify the forum so that the login is bypassed and the forum
accepts the current session name and password as the login. (This is so that
all names on the site main site, chat, forum etc are uniform, i.e Dave47 in
a chat room, is Dave47 in the forum, is Dave47 in the members area etc)
so...what I need to do (if you're still with me) is.
When a new user registers on the main site, his details are put into DB1
*and* DB2. , can I have two data sources open at once?
The reason I need two DBs is that the information in DB1 is a lot less than
is needed by the forum in DB2.
Also how can I copy selected fields from DB1 (name, password for existing
users) into DB2? like I said..there's 21,000 and to do it manually would
take forever.