Welcome to the website of Davis Fiore

Passwords have to be stored as hashes, so that they cannot be reversed. In addition to this, before hashing a random generated number is added with a "salt algorithm", so that two equal password for two different users, generate different hashes. This means it's harder to crack multiple passwords.

Here's how the method works, when a user register:

1. A random salt is generated
2. Password and salt are concatenated
3. The password+salt string is hashed for N times.
4. The string iterations+salt+hash is stored into the database

Here's how the method works, when a user login:

1. Iterations, salt and hash are retrieved from the database
2. The same hash is produced for the login password
3. The login hash is compared with the database hash