04-30-2012, 09:57 PM
(04-30-2012, 09:45 PM)matafor Wrote: Hi Folks!
I'm thinking about using a software with the following hash-algorithm: sha1(salt+sha1(salt+pass+salt))
I wanted to check if this algorithm is secure.
As far as I can say, no Bruteforce-Software supports such a algorithm, right? So you would say this method is secure?
thanks!
No. especially since you have just posted this, it would be absolutely trivial to add this algorithm to a bruteforcer (or write your own).
Additionally, even if you don't divulge the combination, that doesn't guarantee someone can't figure it out, one way or another.
It may help to keep the script-kiddies out, but nothing is unbreakable.