Hacker Newsnew | comments | show | ask | jobs | submit login

Unbelievable/insulting they used a general purpose, easily reversible hash like SHA1 in the first place. I would have thought everyone had seen the 'use bcrypt' page by now.

http://codahale.com/how-to-safely-store-a-password/




Since when is SHA1 easily reversible? Did I not get the memo?

Salting should have been fine.

-----




Applications are open for YC Winter 2016

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: