Y
Hacker News
new
|
ask
|
show
|
jobs
by
csnover
311 days ago
No. This is why salts[0] are used.
[0]
https://en.wikipedia.org/wiki/Salt_(cryptography)
2 comments
integralid
311 days ago
This is how it should be done. But it still doesn't protect users fully, because attacker can try to brute-force passwords their interested in. It requires much more effort though.
link
incorrecthorse
311 days ago
And compute-intensive hash functions. Computers this day are powerful enough to hashcat each individual pwd+salt if a fast hashing function is used.
link