|
|
|
|
|
|
by nitrogen
4339 days ago
|
|
|
The encrypted e-mail address has to be read somehow, so it's just as likely that an attacker gets the decryption key as the database itself (unless you use e.g. a hardware security module). That's probably good enough for e-mail addresses, but as you likely know, not acceptable for passwords. |
|
|