# MD5 TESTING - Adding time salt to passwords won't work, it isn't reversible!<p>echo 'MD5(): ' . md5(date('ymdHis', time()) . 'password-is-yummy-salty-safety-' . $pw);<p>A very silly, what-the-hell-was-I-thinking-when-I-wrote-this note to myself.
I can't think of any silly comments from my code right now, but I have a new one for you :-)<p><pre><code> # ...your computer really doesn't care if you seperate the password from the nonce with a dash; it's a computer, not a 2nd grade teacher[1]
echo 'MD5(): ' . md5(date('ymdHis', time()) . 'password-is-yummy-salty-safety-' . $pw);
</code></pre>
1. <a href="http://www.matasano.com/log/958/enough-with-the-rainbow-tables-what-you-need-to-know-about-secure-password-schemes/" rel="nofollow">http://www.matasano.com/log/958/enough-with-the-rainbow-tabl...</a>
I can't remember a silly comment right now, but I do remember that, because I couldn't think of anything better, I named one of my variables "charlie" . It wasn't a serious program though and that wasn't an important variable either. Still, I then read it and laughed.
/<i></i><i> the bomb! </i><i></i>/<p>just before an error-prone piece of code. My colleagues had a laugh when they found it. Since then, now I mark the "dangerous zones" with:<p><pre><code> /*** here be ASTEROIDS ***/</code></pre>
I have a page on ourdoings.com that only I use, for the purpose of crediting users. (I've been given cash a few times, and I credit bug-finders.) Just now I added functionality to impersonate a user. The success message is:<p>You feel like a new person.