On Mon, May 24, 2010 at 2:24 PM, V.Krishn <vkrishn at insteps.net> wrote: > > I am guessing you mean sha1($email.$username.$password) The secret string is the important thing to include. Build a hash containing whatever strings you want to verify, plus the secret, e.g.: sha1($email.$username.$password.$secret); Marcus