Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Submission + - Our password hashing has no clothes (troyhunt.com)

troyhunt writes: "Software developers have long relied on using a salt to add randomness to passwords before they’re hashed and stored in the database. The theory has always been that the unpredictability of the salt protected passwords by making them too computationally expensive to crack as it ruled out techniques such as rainbow tables which rely on pre-computed hashes. But the hardware of today – particularly GPUs – have now progressed to the point where cracking even salted passwords using fast hashing algorithms like MD5 and SHA is trivial, as this article demonstrates."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Our password hashing has no clothes

Comments Filter:

The trouble with a lot of self-made men is that they worship their creator.

Working...