Hawksmouth needs your help!
Well, this kind of stuff isn't very secret and I don't believe in security by obfuscation. And by doing this, you just make it so that hackers would need a ton of time to hack every user, so it simply isn't profitable for them to try.

Also, this really doesn't use much resources at all: you create a random value once for every user and use a fixed value for every user. So basically you just get 1 value from the database, encrypt the password with it and the fixed value, and compare it to what we have in the database. 2 queries ain't that bad. You can never achieve 100% security though, and if one wants to hack a user, they will. Social engineering for example: at my work I can see the passwords of our customers' internet subscription control panels. Mostly it's the name of their kids...

I do not encrypt any value except for your password (and possibly your secret answer, not sure yet) because it doesn't make any sense at all to do so: you need those values. The point of encryption is to make it impossible to retrieve those values. So if we would store your email encrypted, we wouldn't be able to mail you because your mail can't get decrypted. Encryption is one-way most of the time. If you would use two-way encryption (so be able to decrypt it) you would waste a ton of resources on that. The password value gets encrypted when you register together with your personal secret value and the fixed secret value. Since SHA1 always returns the same value for a hash, you know what the value is that you should get. So, when you try to login we encrypt your inserted password together with the 2 secret values (salts). If it matches up, you have entered the right password; if not, you entered it wrong. Even I can't see your password...
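The scheme the post describes (a random per-user value generated once at registration, a fixed site-wide value, SHA1 over the password plus both, and a recompute-and-compare at login), written out as an added example that is not the forum's own code. `FIXED_SECRET`, the salt format and the function names are assumptions, and the `FIXED_SECRET` value is a constructed placeholder. The PBKDF2 variant at the end is also an addition: a single SHA1 round is cheap to compute, so a leaked users table can be guessed against quickly, and a deliberately slow key derivation with the same salt-and-fixed-secret design is what a practitioner would reach for today.

```python
import hashlib
import hmac
import secrets

# Assumed: a fixed site-wide secret kept in configuration, never in the users table.
# Constructed placeholder value for this example.
FIXED_SECRET = b"example-fixed-secret-value"

# Assumed iteration count for the PBKDF2 variant; tune to your hardware budget.
PBKDF2_ITERATIONS = 210_000


def make_user_salt() -> str:
    """Per-user random value, generated once at registration and stored with the user."""
    return secrets.token_hex(16)


def sha1_password_hash(password: str, user_salt: str) -> str:
    """The post's scheme: SHA1 over password + per-user salt + fixed secret.

    Deterministic, so the value stored at registration is exactly what a
    correct login recomputes.
    """
    data = password.encode("utf-8") + user_salt.encode("utf-8") + FIXED_SECRET
    return hashlib.sha1(data).hexdigest()


def register_sha1(password: str) -> dict:
    """What gets written to the user row: the salt and the hash, never the password."""
    salt = make_user_salt()
    return {"salt": salt, "hash": sha1_password_hash(password, salt)}


def verify_sha1(password: str, row: dict) -> bool:
    """Login check: one row lookup, recompute, compare.

    compare_digest keeps the comparison time independent of where the first
    mismatching character is, so the check itself leaks nothing about the hash.
    """
    candidate = sha1_password_hash(password, row["salt"])
    return hmac.compare_digest(candidate, row["hash"])


def pbkdf2_password_hash(password: str, user_salt: str) -> str:
    """Same inputs, run through PBKDF2-HMAC-SHA256 with many iterations.

    The fixed secret is folded into the password input so a copied users table
    still lacks one ingredient, exactly as in the post's design; the iteration
    count is what makes offline guessing expensive.
    """
    return hashlib.pbkdf2_hmac(
        "sha256",
        password.encode("utf-8") + FIXED_SECRET,
        bytes.fromhex(user_salt),
        PBKDF2_ITERATIONS,
    ).hex()


def register_pbkdf2(password: str) -> dict:
    salt = make_user_salt()
    return {"salt": salt, "hash": pbkdf2_password_hash(password, salt)}


def verify_pbkdf2(password: str, row: dict) -> bool:
    candidate = pbkdf2_password_hash(password, row["salt"])
    return hmac.compare_digest(candidate, row["hash"])


if __name__ == "__main__":
    # Constructed sample: two users happen to pick the same password.
    alice = register_sha1("kidsname2009")
    bob = register_sha1("kidsname2009")
    print("salts differ:", alice["salt"] != bob["salt"])
    print("hashes differ despite same password:", alice["hash"] != bob["hash"])
    print("alice logs in:", verify_sha1("kidsname2009", alice))
    print("alice wrong password:", verify_sha1("kidsname2010", alice))
    carol = register_pbkdf2("kidsname2009")
    print("carol logs in (pbkdf2):", verify_pbkdf2("kidsname2009", carol))
```

The user row holds both the salt and the hash, so the login path is a single lookup plus one hash computation, which matches the post's cost estimate; the fixed secret comes from configuration rather than the database. The per-user salt is what makes two users with the same password store different values, so one cracked hash says nothing about the other.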