Y
Hacker News
new
|
ask
|
show
|
jobs
by
mappu
5225 days ago
It does however mean you have to spend two days per password, rather than two days for the entire user base, or ten minutes with a pre-existing lookup table.
1 comments
getsat
5225 days ago
No, consumer GPUs can do almost a billion SHA1 hashes per second now. We're talking seconds to minutes for "complex" passwords, not days.
http://codahale.com/how-to-safely-store-a-password/
link
http://codahale.com/how-to-safely-store-a-password/