the whole world burns

Archive for September 2007

Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes

 # [via]

Short version: of course you need salt, but the real goal is to make brute-forcing infeasible. The best way to accomplish that task is to make your hash function as slow as possible, and able to be slowed even further to compensate for advances in hardware.

Small things, links and miscellany, sparkling with light. Sam's tumblelog.