Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
snow_mac
on June 7, 2012
|
parent
|
context
|
favorite
| on:
Md5crypt is no longer strong enough
How about this for security MD5(SaltFromDB + Password + ApplicationConstantSalt)? How would that be affected by something like this? Given the user you'd their salt, their paassword but not the application salt. Still really insecure?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
