by seabee
5274 days ago
More specifically, it raises the bar from requiring a database dump (SQLi) to also requiring the encryption key (filesystem access or discover it yourself by cracking weak passwords). When each line of code you write is a point of failure, I would rather trust an algorithm (e.g. bcrypt) which is immune to all of them rather than reversible encryption which needs only two.