Contact Us

Let us know to help you out quickly!

 Admin User     Feb,08 2017

Random Salt Password Encryption

Random Salt Password Encryption Technique

/* Client Side */function encryptPassword(){var salt = #session.salt#;var passField = document.getElementById('txtPassword');// Submit this password value while submitting form.return md5(md5(passField.value) + salt);}

/* Server Side */<cfscript>/* Get the user password from the database (already stored in md5 format) */userPassword = queryUser.password;local.salt = Session.salt;// Check Salted Database Password With Submitted Password from the formif( toBase64(userPassword&local.salt) eq form.userPassword ){//Authenticated.}else{// Invalid user}</cfscript>

* Password In the database needs to be stored in md5(base64 encoding) format.
* md5() javascript functions are readily available on the internet.
* Any technique can be used for generation of Salt value.