Welcome Guest, Not a member yet? Register   Sign In
phpass HAVE BEEN CRACKED! What is the solution?
#23

[eluser]slowgary[/eluser]
What's the benefit of a random salt when it has to be stored in the database table? If someone gains access to the table, they have the salt. Maybe if you just used another field instead of having a salt field, the hacker would not know that the field had anything to do with the salt (user's email address, for instance).

Also, does it really matter what you use to hash passwords with? Unless they have direct access to your database, a brute force attack would be done using actual dictionary words, not hashed words. Your site should not allow someone to fail more than a few login attempts before they're locked out for a short time and you log their info.


Messages In This Thread
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 10:13 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 10:26 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 10:36 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:03 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:07 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:21 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:05 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:06 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:09 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:13 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:26 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:32 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:47 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:49 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 12:54 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 01:09 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 01:15 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 04:33 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 06:10 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 06:37 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 08:00 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 08:18 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 09:52 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:10 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:19 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-16-2009, 11:39 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 01:38 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 02:37 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:31 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:35 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:44 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 07:55 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 08:51 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-17-2009, 08:53 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 12:30 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:00 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:17 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:20 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 08:21 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 09:30 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 01:47 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 02:01 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 03:42 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 03:52 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 04:34 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-18-2009, 07:40 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 08:50 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 12:32 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 01:03 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 03:52 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-03-2010, 04:01 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-04-2010, 12:53 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-04-2010, 01:10 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 10-04-2010, 02:54 AM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 04-06-2011, 07:58 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 04-13-2011, 02:54 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 04-13-2011, 04:10 PM
phpass HAVE BEEN CRACKED! What is the solution? - by El Forum - 06-21-2012, 08:01 AM



Theme © iAndrew 2016 - Forum software by © MyBB