Salting encrypted passwords
Hello,
It appears as if Security Assist uses the value defined in wa-security.php as a salt for php encryption methods. My understanding of encryption is limited, but recent reading suggests that salting password encryption with unique values for each user is more secure than using a common salt. So, if I understand correctly what Security Assist is doing, it seems as if it is using a common salt stored in a php page. If that is correct...
Does WebAssist have any instructions/documentation for using unique salts and would you recommend storing them with the user's record in the database (as I've read is recommended) or keeping them stored in php pages?
Thanks in advance for advise.