Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

Submission + - Our password hashing has no clothes (troyhunt.com)

troyhunt writes: "Software developers have long relied on using a salt to add randomness to passwords before they’re hashed and stored in the database. The theory has always been that the unpredictability of the salt protected passwords by making them too computationally expensive to crack as it ruled out techniques such as rainbow tables which rely on pre-computed hashes. But the hardware of today – particularly GPUs – have now progressed to the point where cracking even salted passwords using fast hashing algorithms like MD5 and SHA is trivial, as this article demonstrates."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Our password hashing has no clothes

Comments Filter:

"Even if you're on the right track, you'll get run over if you just sit there." -- Will Rogers

Working...