发表新帖
发表新帖

Best practices for email confirmation codes

前端 未结
关注
5 612
没有蜡笔的小新
没有蜡笔的小新 2020-12-28 19:46

I\'m creating a PHP website which involves users signing up, and I\'m wondering about best practices for \"email confirmation\" codes.

New users must confirm their e

5条回答
  • 清歌不尽
    清歌不尽 (楼主)
    2020-12-28 20:15

    It was secure enough right up until the point where you published your method on the Internet! This is because you were relying on security by obscurity, which is not a good idea.

    You ought to use some sort of keyed hash function or MAC ideally, which incorporates a secret key known only to you.

    0 讨论(0)
 看不清?
提交回复
热议问题