by xianb 2760 days ago
Anything that makes computation less intensive for you also makes it less intensive for a potential malefactor - it's just an inherent tradeoff.

Rather than scan for the password being contained in the message, something more reasonable to try would be to check if the whole message is the password, since you can just plug that into the normal password hasher and run just one slower hash op.

1 comment

Or forbid passwords from having white spaces and only check at word boundaries.
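The two approaches discussed in this thread (hash the whole message once, versus hash each whitespace-delimited word after banning whitespace in passwords), as an added example that is not code from either commenter. It assumes PBKDF2-HMAC-SHA256 as the site's slow password hasher, treats whitespace-delimited tokens as the "word boundaries", and counts hash operations so the cost tradeoff from the first comment is visible; the password and messages are constructed sample data.

```python
import hashlib
import hmac
import os
import re

# Assumed slow password hasher for the example: PBKDF2-HMAC-SHA256.
ITERATIONS = 100_000


def hash_password(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """One deliberately slow hash operation, as a password store would run at login."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def password_policy_allows(password: str) -> bool:
    """The reply's policy: a password may not contain any whitespace."""
    return password != "" and not any(ch.isspace() for ch in password)


class PasswordRecord:
    """A stored (salt, digest) pair plus a counter of slow hash ops performed."""

    def __init__(self, password: str):
        if not password_policy_allows(password):
            raise ValueError("password must not contain whitespace")
        self.salt = os.urandom(16)
        self.digest = hash_password(password, self.salt)
        self.hash_ops = 0  # how many slow hashes each check has cost us

    def matches(self, candidate: str) -> bool:
        # Constant-time comparison of the candidate's digest against the stored one.
        self.hash_ops += 1
        return hmac.compare_digest(self.digest, hash_password(candidate, self.salt))


def message_is_password(record: PasswordRecord, message: str) -> bool:
    """First comment's check: exactly one slow hash op per message."""
    return record.matches(message.strip())


WORD_RE = re.compile(r"\S+")


def message_contains_password_word(record: PasswordRecord, message: str) -> bool:
    """Reply's check: one slow hash op per distinct whitespace-delimited word.

    Cost grows with message length, which is the tradeoff the first comment
    warns about: a long message forces many slow hashes on the server side.
    """
    # dict.fromkeys de-duplicates while keeping first-seen order (deterministic cost).
    for token in dict.fromkeys(WORD_RE.findall(message)):
        if record.matches(token):
            return True
    return False


if __name__ == "__main__":
    rec = PasswordRecord("correct-horse-battery")  # constructed sample password
    print(message_is_password(rec, "correct-horse-battery"), rec.hash_ops)
    rec.hash_ops = 0
    print(message_contains_password_word(rec, "my pw is correct-horse-battery"), rec.hash_ops)
```

The whole-message check is bounded at one hash per message regardless of input size; the word-boundary check is bounded by the number of distinct words the sender chooses, so a rate limit or a cap on tokens checked per message is the natural companion to it.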