Secure Password Storage

Passwords are never stored in their original clear text form, nor are they stored in a final usable form at any time.

Instead, the 128 bit cryptographic MD5 hash of term A1 described in the RFC is calculated and stored in the database when the user is first added to the database. This MD5 hash is later used as a seed for further calculations of the final user authentication credentials during subsequent authentication confirmation processes.


Password Recovery
Authentication Protocols
table of contents
full printable document





password protection ...
... industrial strength
distributed password protection
iis basic authentication
iis digest authentication

copyright(c) 2003
all rights reserved

design -