30.09.2010, 00:17
Hashed Passwords
30.09.2010, 00:21
Wait a minute. Now I get this;
Код:
[20:18:35] sscanf warning: String buffer overflow.
30.09.2010, 00:21
What's so wrong with MD5? Yes, it's "un-hash-able" but how often is it someone is going to take the time to get your database information, then un-hash the passwords then log onto the server just because they can.
Unless its for something more than a SA:MP Server, then yeah, I understand your concern.
Unless its for something more than a SA:MP Server, then yeah, I understand your concern.
30.09.2010, 00:27
Quote:
What's so wrong with MD5? Yes, it's "un-hash-able" but how often is it someone is going to take the time to get your database information, then un-hash the passwords then log onto the server just because they can.
Unless its for something more than a SA:MP Server, then yeah, I understand your concern. |
30.09.2010, 05:26
Quote:
What's so wrong with MD5? Yes, it's "un-hash-able" but how often is it someone is going to take the time to get your database information, then un-hash the passwords then log onto the server just because they can.
Unless its for something more than a SA:MP Server, then yeah, I understand your concern. |
What's wrong with MD5? It is crackable. There are a few thousand websites who will decrypt an MD5 hash for you in half a second. Case in point, it isn't secure. Go the Whirlpool route. It is flawless and uncrackable.
Something wrong with Whirlpool? Are you not understanding that it is uncrackable?
30.09.2010, 14:08
30.09.2010, 14:25
Quote:
You're missing the point. The thread starter is asking about security. People foolishly were pushing MD5 as a secure method of password hashing - either through lack of knowledge or laziness of dealing with a simple plugin.
What's wrong with MD5? It is crackable. There are a few thousand websites who will decrypt an MD5 hash for you in half a second. Case in point, it isn't secure. Go the Whirlpool route. It is flawless and uncrackable. Something wrong with Whirlpool? Are you not understanding that it is uncrackable? |
30.09.2010, 14:36
In my experience, Whirlpool is pretty secure. I know of a couple servers who use Whirlpool password hashing and they have never had somebody break their database password(s). As long as it's safe, secure and works, I don't give a crap what it is.
30.09.2010, 14:44
Quote:
Is Whirlpool usable within other applications? like php? Don't think so.
|
http://uk.php.net/manual/en/function.hash.php
Quote:
1. md4 2. md5 3. crc32b 4. crc32 5. sha1 6. tiger128,3 7. haval192,3 8. haval224,3 9. tiger160,3 10. haval160,3 11. haval256,3 12. tiger192,3 13. haval128,3 14. tiger192,4 15. tiger128,4 16. tiger160,4 17. haval160,4 18. haval192,4 19. haval256,4 20. adler32 21. haval128,4 22. haval224,4 23. ripemd256 24. haval160,5 25. haval128,5 26. haval224,5 27. haval192,5 28. haval256,5 29. sha256 30. ripemd128 31. ripemd160 32. ripemd320 33. sha384 34. sha512 35. gost 36. whirlpool 37. snefru 38. md2 |
01.10.2010, 00:54
01.10.2010, 01:22
01.10.2010, 02:14
When I said along the lines of SA:MP, I understand players have trust in you having their information kept private, it was just the thought of someone taking the time to find the database, etc to get information about a online game server. I suppose however if someone is truly that immature, and that amount of time, they would.
I've always thought md5 was a very secure hash, but I suppose not. I'll be working with Wirlpool in the future.
I've always thought md5 was a very secure hash, but I suppose not. I'll be working with Wirlpool in the future.
« Next Oldest | Next Newest »
Users browsing this thread: 1 Guest(s)