02-15-2012, 12:49 AM
I understand the benefits of Salting passwords. Unfortunately this is a vendor provided system, and honestly if the database was stolen the passwords are the least of our concern (we would just take our web servers offline and disable any access and make the database local until we have resolved the issue). There is much more important (and confidential information) is hosted.
I have already asked our vendor to include the ability to salt passwords.
Besides the obvious risk of not using salted passwords, how does the performance of this machine compare?
I have already asked our vendor to include the ability to salt passwords.
Besides the obvious risk of not using salted passwords, how does the performance of this machine compare?