Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Security

Submission + - Our password hashing has no clothes (troyhunt.com)

troyhunt writes: "Software developers have long relied on using a salt to add randomness to passwords before they’re hashed and stored in the database. The theory has always been that the unpredictability of the salt protected passwords by making them too computationally expensive to crack as it ruled out techniques such as rainbow tables which rely on pre-computed hashes. But the hardware of today – particularly GPUs – have now progressed to the point where cracking even salted passwords using fast hashing algorithms like MD5 and SHA is trivial, as this article demonstrates."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Our password hashing has no clothes

Comments Filter:

Computer Science is the only discipline in which we view adding a new wing to a building as being maintenance -- Jim Horning

Working...