Re: Hashed password secure?

From: Matthijs Hebly (heeb_at_iname.com)
Date: 06/29/04


Date: Tue, 29 Jun 2004 21:47:07 GMT

Bill Unruh wrote:
>
> ]Correction: my suggestion would run it
> ]*Random(SomeNumberDependentOnCPUSpeed)* times. Which, IMHO, makes it
> ](almost) impossible for some attacker to create a dictionary of hashes
>
> It also makes it completely non-portable. And has the danger that when you
> replace your machine, suddenly no password, including root's, works.
I don't see how this is in any way platform dependent...
Why is hashing in itself platform *in*dependent, but hashing a random
number of times, or with a random salt suddenly platform *dependent*?!?
Plz explain.

> Bad idea.
Thanx. I'll implement it anyway, and let you know how it works...

Matthijs
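
The portability question in this exchange, as an added example that is not part of the original post: a record hashed with a random salt and a random, CPU-scaled iteration count verifies on any machine when the salt and count are stored with the hash, and stops verifying when the count is instead re-derived from the verifying machine. PBKDF2-HMAC-SHA256, the `count$salt$digest` record layout and the names `cpu_factor` and `machine_iterations` are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import secrets


def _stretch(password: str, salt: bytes, iterations: int) -> str:
    # PBKDF2-HMAC-SHA256 stands in for "hash it N times" (an assumption;
    # the post does not name a hash construction).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def make_record(password: str, cpu_factor: int) -> str:
    """Hash with a random salt and a random, CPU-scaled iteration count.

    cpu_factor is a hypothetical stand-in for SomeNumberDependentOnCPUSpeed.
    """
    salt = os.urandom(16)
    iterations = cpu_factor + secrets.randbelow(cpu_factor)
    return f"{iterations}${salt.hex()}${_stretch(password, salt, iterations)}"


def verify_stored(password: str, record: str) -> bool:
    """Portable: salt and count are read back from the record itself."""
    iterations, salt_hex, digest = record.split("$")
    candidate = _stretch(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, digest)


def verify_rederived(password: str, record: str, machine_iterations: int) -> bool:
    """Non-portable: ignores the stored count and trusts a value
    re-derived from whatever machine is doing the verification."""
    _, salt_hex, digest = record.split("$")
    candidate = _stretch(password, bytes.fromhex(salt_hex), machine_iterations)
    return hmac.compare_digest(candidate, digest)


def demo() -> tuple:
    record = make_record("correct horse", cpu_factor=20_000)  # constructed sample
    stored_count = int(record.split("$")[0])
    return (
        verify_stored("correct horse", record),                       # any machine
        verify_rederived("correct horse", record, stored_count),      # same count
        verify_rederived("correct horse", record, stored_count * 3),  # "faster CPU"
    )


if __name__ == "__main__":
    print(demo())
```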


