Welcome Guest, Not a member yet? Register   Sign In
phpass HAVE BEEN CRACKED! What is the solution?
#19

[eluser]n0xie[/eluser]
This is why you randomly salt your hashes. (yes randomly, not via a encryption key I see some of the 'auth' libraries do)

Even if you expose your whole user table to the outside world, an attacker would have to build an unique rainbow table for each row, making it a lot less attractive. Anyway, rainbow tables are not really the issue. It's the hashing algorithms that are at 'fault'. I suggest anyone really interested in the subject read this even if it's just for this memorable quote:

Quote:There are three big differences between Provos-Mazieres and PHK’s scheme:

1. Bcrypt was invented by two smart guys and PHK’s was only invented by one smart guy. That’s literally twice the smart.


Messages In This Thread
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 10:13 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 10:26 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 10:36 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:03 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:07 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:21 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:05 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:06 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:09 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:13 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:26 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:32 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:47 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:49 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:54 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 01:09 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 01:15 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 04:33 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 06:10 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 06:37 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 08:00 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 08:18 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 09:52 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:10 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:19 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:39 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 01:38 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 02:37 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:31 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:35 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:44 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:55 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 08:51 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 08:53 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 12:30 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:00 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:17 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:20 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 08:21 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 09:30 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:47 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 02:01 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 03:42 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 03:52 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 04:34 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 07:40 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 08:50 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 12:32 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 01:03 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 03:52 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 04:01 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-04-2010, 12:53 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-04-2010, 01:10 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-04-2010, 02:54 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 04-06-2011, 07:58 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 04-13-2011, 02:54 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 04-13-2011, 04:10 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-21-2012, 08:01 AM



Theme © iAndrew 2016 - Forum software by © MyBB