Password Validation
Posted
by Humpton
on Stack Overflow
See other posts from Stack Overflow
or by Humpton
Published on 2010-03-25T05:32:53Z
Indexed on
2010/03/25
5:53 UTC
Read the original article
Hit count: 353
Hi there.
Using mysql and php
Is there any reason / value when checking a password to query the database using the user name and password (after sanitizing, of course) and recording a failed attempt when no rows are returned vs querying the database using the user name and then comparing the return password string?
EDIT: To those who mentioned it below, yes the password is hashed up in the database.
© Stack Overflow or respective owner