NPerez Posted June 10, 2011 Share Posted June 10, 2011 My understanding is that, at the moment, passwords are stored as unsalted md5 hashes. I'm not a security expert, but I've also heard that md5 is a bit outdated and unsalted hashes are highly vulnerable thanks to rainbow tables.I'm developing a store in PS and I want the highest level of security for my customer's accounts. Would it be reasonable to believe that salted passwords & perhaps SHA-256 hashes would do a better job at this? I could look into implementing it myself, but first I'd love to hear more discussion on whether it's necessary and/or a good idea. Link to comment Share on other sites More sharing options...
Burhan BVK Posted July 7, 2011 Share Posted July 7, 2011 Prestashop password hashes are salted, it is in settings.inc.php file. A different salt is generated for each shop installation. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now