Salting Passwords in plain sight

24 July 2009 at 18:57

Interesting method of creating a unique salt that can only be derived from the password being encrypted. If you used a salt created by an algorithm based on something known, an attacked who had access to the DB and the salting method could devise a cracking mechanism.

But with this, even if you have both of those you would still not be able to crack the password without trying every possible password against itself - a feat that approaches impossibilty.

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	E-Mail addresses will not be displayed and will only be used for E-Mail notifications. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above:
	Remember Information? Subscribe to this entry
Submitted comments will be subject to moderation before being displayed.

Salting Passwords in plain sight

Archives