Y
Hacker News
new
|
ask
|
show
|
jobs
by
munctional
6019 days ago
It reduces the keyspace that needs to be searched when bruteforcing... leading to accounts being compromised more easily. That's about it.
1 comments
Scriptor
6019 days ago
At the same time, I think it's just a really quick/lazy way to prevent SQL injection.
link
akirk
6018 days ago
well you have already lost if you try to insert the password into the database without applying a salted hash function on it.
link
TeHCrAzY
6018 days ago
Don't most "web" languages support parameters in the same was .NET does (at least with Sql Server)?
link