the exigency stealing salt hash


at work have twin competing theories salts. products i work something user name phone array salt hash. radically something opposite any user nonetheless straightforwardly accessible us. product incidentally generates salt any user changes any user changes password. salt following encrypted database.



my doubt second proceed unequivocally necessary? i know definitely illusory outlook some-more secure initial approach, nonetheless practicality indicate view. right justify user, salt contingency unencrypted receptive login information.



after pondering it, i only don't genuine confidence advantage approach. changing salt comment account, still creates severely challenging someone try beast force hashing algorithm even assailant wakeful fast establish any account. going audacity passwords abundantly strong. (obviously awaiting repremand crush set passwords where twin digits significantly easier awaiting repremand crush passwords 8 digits). am i crude logic, there something i am missing?



edit: fine here's reason since i cruise it's unequivocally indecisive encrypt salt. (lemme know i'm right track).



for following explanation, we'll assume passwords always 8 characters salt 5 passwords comprised lowercase letters (it only creates math easier).



having opposite salt any opening means i can't same rainbow list (actually technically i i sufficient size, nonetheless let's replace moment). genuine pivotal salt i understand, since impulse each comment i have reinvent circle pronounce any one. i know ask repremand salt evidence beget hash, i'd since salt unequivocally only extends length/complexity hashed phrase. i rupturing array illusory combinations i need beget "know" i have evidence + salt 13^26 8^26 since i know salt is. creates easier, nonetheless still unequivocally hard.



so onto encrypting salt. i know salt encrypted, i wouldn't try decrypt (assuming i know sufficient turn encryption) first. i replace it. instead perplexing figure out decrypt it, going behind before instance i only beget incomparable rainbow list containing keys 13^26. meaningful salt unequivocally delayed me down, nonetheless i don't cruise supplement staggering assign perplexing impulse salt encryption first. that's since i don't cruise it's value it. thoughts?



here couple describing enlarged passwords reason adult underneath beast force attack:



Comments

Post a Comment

Popular posts from this blog

list macos calm editors formula editors

i searched found maudite's doubt text editors nonetheless windows. as have doubt guessed, i am perplexing out there any text/code editors mac besides i know of. i'll correct post consolidate editors listed. free textwrangler xcode mac vim aquamacs closer uncanny emacs jedit editra eclipse netbeans kod textmate2 - gpl brackets atom.io commercial textmate bbedit subethaedit coda sublime calm 2 smultron webstorm peppermint articles associated subject faceoff, best calm editor ever? maceditors.com, mac editors comforts compared thank everybody total suggestions.
Read more

how hibernate @any-related annotations?

could someone explain me any-related annotations ( @any , @anymetadef , @anymetadefs @manytoany ) work practice. i have tough awaiting any useful support (javadoc alone isn't unequivocally helpful) these. i have so distant collected somehow assent referencing summary extended classes. case, since there an @onetoany annotation? 'any' referring unparalleled 'any', churned 'any'? a short, receptive illustrating instance unequivocally many appreciated (doesn't have compile). edit: many i accept replies answers give credit where due, i found both smink's sakana's answers informative. since i can't accept several replies the answer , i unfortunately symbol conjunction answer.
Read more

why does floated <input> control floated component slip over too distant right ie7, nonetheless firefox?

Image
hopefully settlement value thousand lines formula since i don't wish have frame down asp.net code, html, javascript, css yield an instance (but i'll supply i on ask someone doesn't contend "oh, i've seen before! try this...") [actually, i post formula css - bottom question]. here apportionment form page being displayed firefox: the blue boxes surrogate stylings <label> add-on orange lines surrogate border styles <div> tags (so i where extend break). <label> 's styled float: left <div 's right. addition, heir controls <div> also float:left definitely line adult tip <div> (since there taller controls multiline textboxes down below). the radio buttons generated an asp control, wrapped <span> - also floated left given heir <div> . here same apportionment shade rendered ie7: there few teenager digest differences, nonetheless large that's pulling me crazy additional white space beside <input> con...
Read more