Giuseppe: php - How best to use the encryption method for confirm code -

Thursday 15 August 2013

php - How best to use the encryption method for confirm code -

How to best utilize the encryption method to confirm the code on an email notification: MD5, sha1 or rule 256 < / P>

I email notification to confirm some actions by email;

I prepared a confirmation code with salt and some parameters

How to best utilize the encryption method to verify the code

You have two main options here:

Generate some random data, your database associated with that profile Store in, and just enter this data on the link;
Any kind of secure
hash based on both the user id and the hash based on that hash, the first option is safe (assuming you are real random Number generators are using or a very, very good pseudo random number generator), but you have to store the data on the database.
I usually like the second option, because there is no need to store anything on the database, and no
select a secret key, which is only your server The address will run, then define which parameter you want to validate in the URL (for example, only the user ID can be sufficient, however, if you want to end the link time, then you have a timestamp for the URL Od can and user ID and can validate the timestamp with your hash). Mix your secret key with parameters, create a hash based on it, and create a link that specifies both your parameters and hash when the user clicks on the link, you take the parameters from the URL, Together they re-add, provide results and compare to the hash that comes with the URL.
A safe way to do this is to use , which is the hash-based message authentication code .
Note that this mechanism exposes valid data in your URL. If the data is confidential (ie, suppose you want to send a link to the user that contains the username and password, without having to save anything on the database before clicking on that link), you should use it, Which is a mix of an encryption algorithm (which guarantees that no data can be read) and an authentication algorithm (which guarantees that any significant meaning Can not be angry with encrypted data to date - only your server could such generated code).

Posted by Unknown at 03:22
Email This BlogThis!Share to Twitter Share to Facebook Share to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

About Me

Unknown

View my complete profile

Blog Archive

► 2015 (1886)

► September (203)

► August (208)

► July (224)

► June (210)

► May (230)

► April (195)

► March (209)

► February (201)

► January (206)

► 2014 (2117)

► September (239)

► August (251)

► July (226)

► June (208)

► May (229)

► April (199)

► March (255)

► February (275)

► January (235)

▼ 2013 (2011)

► September (199)

▼ August (228)

c# - How to handle exception if Entity DB file is ...

iphone - iOS, using underscore vs using iVar direc...

python - Using one form for two similar models -

java - Adding a BufferedImage to a JPanel on JLaye...

Is there a defined method for storing Adobe XMP in...

linux - verifing some arguments in bash -

html - css: target a class which is inside a same ...

how to run scalatest at package level in Eclipse -

oracle10g - Sql query: no rows selected -

apache - mod_pagespeed is not sending expected out...

c# - Exception with IIS ASP.NET 4.0 and using refl...

java - Can a Program Differentiate between User Ke...

detection - How to detect whether or not an Androi...

android - Google In app Billing V3 ERROR Code -

codeigniter - How to include language files for ea...

Does this code correctly identify python strings -

apache - URL Rewriting doesn't seem to work. Apach...

jquery - Having a strange JSON Parsing issue -

Grails GSP outer templates with inner content? -

android - How to make an on-the-fly refresh on Goo...

python - Arduino hit counter -

c++ - Priority Queue of Nodes -

Play a stream of G711 encoded audio using Java? -

git - setting up gerrit -

sql server - Not include records from within a sel...

backbone.js - Backbone View events don't get destr...

javascript - angular js adding two numbers issue -

SQL select statements in C# -

django - Using values_list and extra on same query...

Rails form_for in Twitter Bootstrap Modal with AJA...

go - How to convert to nested type -

graphics - c++ using text files to make graphs -

ios - Cloning a uiview defined in interfacebuilder? -

Determining if two file paths point to same file u...

javascript - ajax query error on callback -

AWK -Print the next to last field of each line of ...

ubuntu - rvm init.d script -

java - How to record a click event for an image ac...

c++ - FreeType error when building in XCode -

java - I want to create a method in my enumeration? -

loops - Java, make sure objects are being deleted ...

wix - how to change from per user to all user inst...

asp.net mvc - What is loose coupling? -

android - How to set bar width using achartengine....

oop - Lua objects tables leaking between object in...

php - Query to convert from datetime to date in ze...

Reading a log file in java which in currently bein...

c++ - How can I get an MFC application to block fr...

c# - How to detect High CPU and long response time...

c# - How to select multiple items from contextMenu...

java - Mock a private method of the class under te...

How to accept tcl bitmaps list -

c - Finding out if a binary file has been compiled...

Can't read native C++ BYTE * in VB.NET -

Disabling Button Javascript and C# -

java - Error with self-bootstrapping Ant build -

c++ - How to expose Java enum to native code throu...

If Git finds merge conflict, how can i fix that in...

jquery - mapping ajax data in c# using object bind...

Customize Perl Markdown to recognize note paragrap...

.net - Is there a way to convert between byte[] to...

sql server - include the outptut of storedprocedur...

php - Ungroup Address Field in SugarCRM -

javascript - Does the KnockoutJS observableArray d...

python - What code do I need to write a csv file f...

c++ - Bugs while loading from text file -

javascript - Pushing/Creating elements dynamically...

ProgressText not working for custom action in WiX -

Looking for Accurate Ruby, Javascript, or R Excel ...

Using SQL pivot in case with only one duplicated d...

android - making spinner treat as simple button -

android - How to load images that aren't on the sc...

c# - Unity Interception GetCustomAttribute -

ios - Incorrect decrement of the reference count o...

Complex Google App Engine Search -

debugging - JQuery Template Engine Half-Works in C...

image - Retrive combined files using java? -

ios - AFNetworking with Unreliable wifi - Detectin...

filepicker.io - Resize and Crop an image using a s...

php - What technology can be used to update a web ...

pivot - Oracle - Look up for the data in pivoted t...

c# - Parsing different time formats into short tim...

php - Avoiding Duplicate item in loop -

css3 - -moz-background-clip: text; in Mozilla upda...

php - Forcing CodeIgniter to send view and stop wo...

Can I freeze the header row of a fusion table -

java - setColor in JFrame does not work -

iphone - How to extract specific data has equal va...

C# Wait until the object has been inserted to the ...

.net - Visual Studio C++ not recognizing literal s...

html - Change scroll speed of specific element -

rspec - Ruby 2.0 Breaking Change? Date Comparison -

machine learning - Step by step guide to train a m...

javascript - How to I prevent user from typing the...

iphone - How to discover another device without us...

javascript - Cannot hide tab named "General" in cr...

javascript - FuelUX Wizard is not submitting my fo...

sql server - Rewrite SQL Query- I need to replace ...

javascript - 2 mouseover/hover effects in 1 div? -

c - Subtracting from pointer to get length -

► July (210)

► June (222)

► May (217)

► April (229)

► March (243)

► February (221)

► January (242)

► 2012 (1993)

► September (227)

► August (235)

► July (225)

► June (206)

► May (221)

► April (216)

► March (206)

► February (227)

► January (230)

► 2011 (1964)

► September (220)

► August (222)

► July (219)

► June (224)

► May (219)

► April (206)

► March (216)

► February (221)

► January (217)

► 2010 (1952)

► September (230)

► August (202)

► July (221)

► June (207)

► May (213)

► April (199)

► March (234)

► February (244)

► January (202)

Powered by Blogger.