[COLUG] Enterprise Two Factor Authentication
Duane
duane at cacert.org
Tue Mar 13 17:45:06 EST 2007
Jim wrote:
> Re http://www.freeauth.org/site/wiki/One%20Time%20Passwords%20with%20PHP,
>
> consider skipping the hexadecimal characterification of the md5() output.
> I.e., consider changing:
>
> $md5 = getOTP64(md5("$i$otphash"));
>
> to
>
> $md5 = getOTP64(md5("$i$otphash"),TRUE);
I think you meant:
$md5 = getOTP64(md5("$i$otphash",TRUE));
however that only became an option in php5 and later and a lot of php
servers out there still use php4 or even 3 in some cases.
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://e164.org - Because e164.arpa is a tax on VoIP
http://www.freeauth.org - Enterprise Two Factor Authentication
"In the long run the pessimist may be proved right,
but the optimist has a better time on the trip."
More information about the colug432
mailing list