How not to salt a hash
#2
Interesting read, nice insight.

A simple solution would be to switch the salt and sha1($pass), so that the algorithm would look like sha256(sha1($pass).$salt).

However, why chain algorithms when you can select a simple one with plenty iterations and a salt?
Looks like reinventing the wheel to me.
Reply


Messages In This Thread
How not to salt a hash - by atom - 06-12-2015, 11:03 AM
RE: How not to salt a hash - by Rolf - 06-12-2015, 11:52 AM