Hacker News new | ask | show | jobs
by bawolff 1214 days ago
No it does not.

Either you allow bcrypt hashes, or this bug is inapplicable. If you are encrypting your hashes or something, then this bug cannot be leveraged.
1 comments
madsbuch 1210 days ago
Yes, for this very specific bug. This thread taked about having access to the database as a general attack vector.
link