|
|
|
|
|
|
by yunu_ng
4807 days ago
|
|
|
Security through obscurity. The hackers don't expect you to have a hashed password? So what? This is no different from salting. Also, by adding a new function into your password hashing have you changed the cryptographic properties of the composed function? Have you formally proved that these new properties are as strong as the uncomposed properties? No? Then don't do it. DON'T ROLL YOUR OWN CRYPTO, PEOPLE! Composing functions counts as rolling your own, btw. |
|
|