How can I enable password encryption in the database for use with UserIdentity?
How can I enable password encryption in the database for use with UserIdentity?
when the user enters a new password, before storing it encrypt it (like $password=md5($password).
when logging in, again first encrypt the entered password and then compare it with the value in the database.
hmmm is there no built-in functioniality in Yii/UserIdentity component that will automate this process?
I need to also add a salt to the password.
EDIT: RESOLVED
stronger hash function:
static function passwordHash($pass)
{
return hash('sha256', Yii::app()->params['hashSalt'].$pass);
}
and add a ‘hashSalt’ param to your main.php config file