Registration form with salt and SHA1 encryption

Question

I have a registration form and I am using zend_auth for my login, below is how the information is encrypted for secure login:

->setCredentialTreatment('SHA1(CONCAT(?,salt))');

I have the following register method so far:

public function addUser($first_name, $surname, $email, $username, $password, $salt, $age, $gender, $uni) {

    $salt=substr(SHA1(mt_rand()),0,40);

    $data = array(
        'first_name' => $first_name,
        'surname' => $surname,
        'email' => $email,
        'username' => $username,
        'password' => $password,
        'salt' => $salt,
        'age' => $age,
        'gender' => $gender,
        'uni' => $uni,
    );
    $this->insert($data);
}

I need to add in the SHA1 encryption for the password here, but I am unsure how it will look. Any help would be awesome.

Thanks

This might already be the solution http://php.net/manual/de/function.sha1.php $salt = mcrypt_create_iv(8, MCRYPT_DEV_URANDOM); $hash = "{SSHA}" . base64_encode(sha1($password . $salt, true) . $salt); — Oliver, Apr 26 '12 at 14:46

score 2 · Accepted Answer · answered Apr 26 '12 at 14:43

$data = array(
    'first_name' => $first_name,
    'surname' => $surname,
    'email' => $email,
    'username' => $username,
    'password' => sha1($password.$salt),
    'salt' => $salt,
    'age' => $age,
    'gender' => $gender,
    'uni' => $uni,
);

Registration form with salt and SHA1 encryption

1 Answers1