One way to secure a password in the database is to hash it with salt i.e. appending a random string to the password and then hash it and store the value.
Does encrypting the
password || salt then hashing it make it more secure? Is it really necessary (or can I skip the encryption part)?
Go to Source