So I'm on to the user management part of my little project, and before I commit to any type of DB structure, I want to make sure I'm not doing anything too crazy - so this is really just a sanity check. Code: Users table: ------------ id (int, pk, ai) username (tinytext) password (char40) [one-way hashed, obviously] salt (char5) csrf (char10) CustomUserSettingsConfig table: ------------------------------- id (int, pk, ai) name (VC40) CustomUserSettings table: ------------------------- user_id (int, fk) custom_user_setting_config_id (int, fk) value (tinytext) Or something along those lines. The users table will keep a bare minimum set of information - enough to log the user in, set/check a secure cookie, and throw a hidden input field on pages for cross-site request forgery prevention (csrf field). Custom user settings would be built out separately in the config table - just a list. The values would be joined with the two (something like SELECT CustomUserSettingsConfig.name, CustomUserSettings.value FROM CustomUserSettings JOIN CustomUserSettingsConfig ON CustomUserSettings.custom_user_setting_config_id = CustomUserSettingsConfig.id, dunno) and then sit alongside the User object in a UserDetails object. Both have aggressive caching so the join performance on the DB isn't too much of an issue - they'll only ever get read when values change in the DB. Obviously names are subject to change, but for now I'm keeping them as verbose as possible to clarify my idea. Anyways, I think this is a bit better than trying to guess what fields I'll need at any given time and put them straight on to the user table, since it could range from common stuff like email and real name to vBulletin/phpBB userID to flickr username, whatever. So is this approach crazy and foolish, or does it seem like a decent way to go about the task? Any feedback or alternate ideas are fully welcomed here - I've got my User object working off of sample local data right now which is going fine but have no tables commited for anything yet, and haven't even started the code for the custom user properties object. Thanks!