

The Definitive Guide to Cryptographic Hash Functions (Part II) | Varonis - dsgibson2
http://blog.varonis.com/the-definitive-guide-to-cryptographic-hash-functions-part-ii/

======
chubbard
This is a little out of date information. Dictionary attacks and publicly
accessible Rainbow tables have existed for quite some time (late 90s
probably). Salting your passwords was an important way to break rainbow
tables, but doesn't prevent, only slows down, dictionary attacks. And now with
GPU assisted computations salting techniques won't protect you. I almost think
discussions like this should just cut to the chase and say use Bcrypt with
proper iteration counts to thwart modern brute force attacks. I realize this
is a 3 part series, but talking about rainbow tables is like discussing the
proper way to hold your buggy whip.

