I just have a homework page, no secrets. I’m trying to improve the login security anyway.
A student uses his or her student number to login. Up to now I was using MD5(). Now I would like to use this:
$password = password_hash($_POST[‘password’], PASSWORD_DEFAULT);
What is not clear to me is how I get that password in the password column of the studentsdb first? MySql has the function MD5(), so that was easy.
I read that this password_hash uses a ‘salt’. Will the ‘salt’ always be the same for a given student number?