I want to implement a salt into my login system but am a bit confused on how this is supposed to work. I can't understand the logic behind it. I understand md5 is a one-way
As you mentioned, hashing algorithms work only one-way (or only if they are strong enough :-D)
For your question about salting, I would recommend hashing a password with a static salt string and some dynamic data from the database, which should not change once created.
This is a very secure way of storing passwords, as even if the database is compromised, hackers/crackers still need to get your static string hash and need to guess how you applied all the salting.
For example, let's say you have a users table with these columns:
id
username
password
created_at
The id and created_at columns, once filled, should never be changed.
So when you are hashing a user's password, you can do something as simple as:
I hope this one helps :) cheers
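Added example, not part of the original answer: a Python sketch of how a salt is created at registration and reused at login, combining a static application secret with per-row data as the answer describes. It swaps md5 for PBKDF2-HMAC-SHA256 and uses a random `salt` column in place of id/created_at; `STATIC_SECRET`, `ITERATIONS`, the `salt` column and the function names are assumptions for illustration.

```python
import hashlib
import hmac
import os

# Assumption: application-wide secret stored outside the database
# (plays the role of the answer's "static salt string"). Constructed value.
STATIC_SECRET = b"constructed-example-secret"
ITERATIONS = 600_000  # PBKDF2 work factor; assumption, tune to your hardware


def _derive(password: str, row_salt: bytes) -> bytes:
    # Key the password with the static secret, then stretch it with the
    # per-row salt so identical passwords give different stored hashes.
    keyed = hmac.new(STATIC_SECRET, password.encode("utf-8"), hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", keyed, row_salt, ITERATIONS)


def create_user_row(user_id: int, username: str, password: str) -> dict:
    # Registration: generate the salt once and store it next to the hash.
    salt = os.urandom(16)
    return {
        "id": user_id,
        "username": username,
        "salt": salt.hex(),  # hypothetical extra column
        "password": _derive(password, salt).hex(),
    }


def verify_login(row: dict, candidate: str) -> bool:
    # Login: recompute with the stored salt and compare in constant time.
    expected = bytes.fromhex(row["password"])
    actual = _derive(candidate, bytes.fromhex(row["salt"]))
    return hmac.compare_digest(expected, actual)


if __name__ == "__main__":
    alice = create_user_row(1, "alice", "hunter2")  # constructed sample data
    bob = create_user_row(2, "bob", "hunter2")
    print("same password, same hash?", alice["password"] == bob["password"])
    print("correct password accepted:", verify_login(alice, "hunter2"))
    print("wrong password accepted:", verify_login(alice, "hunter3"))
```

The salt is not secret and is stored in the row; only the static secret has to stay out of the database.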