Hi all,
I need the following methods for login module and reset-password module.
a) Salted MD5 technique in "authentication or login module‟ and b) MD5 hash technique in "reset password‟ modules.
and how it should work, I write the description below.
When a client requests for the login page, the server should generates a random number, the salt, and sends it to the client along with the page. A JavaScript code on the client computes the MD5 hash of the password entered by the user. It then concatenates the salt to the hash and re-computes the MD5 hash. This result is then sent to the server. The server picks the hash of the password from its database, concatenates the salt and computes the MD5 hash. If the user entered the correct password these two hashes should match. The server compares the two and if they match, the user is authenticated.
Any reference any link which does the same.