1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Threaded Mode
Hash
Banditukas
Banned
Posts: 534
Threads: 265
Joined: Jul 2014
#1

16.08.2014, 15:31
Why need hash password?
Find
Reply
Affan
Huge Clucker
****
Posts: 390
Threads: 65
Joined: Dec 2012
Reputation: 0
#2

16.08.2014, 15:40
"We hash passwords to prevent an attacker with read-only access from escalating to higher power levels."
Find
Reply
Banditukas
Banned
Posts: 534
Threads: 265
Joined: Jul 2014
#3

16.08.2014, 15:43
It'is possible that attackers can read information from database?
Find
Reply
zT KiNgKoNg
Gangsta
*****
Posts: 912
Threads: 116
Joined: Jun 2012
Reputation: 0
#4

16.08.2014, 16:02
Quote:
Originally Posted by ******
Посмотреть сообщение
Attackers aren't the problem - server owners are. They ALREADY have database access, and THEY should not be able to read passwords either.

In short: DO NOT try write your own secure user system.
True, along with the possibility of creating a salt (sort-to-say) on a daily basis (possibly every 2/4 hours) to secure that password even more (Using the registration date or a unixtimestamp method to find the string in a database, ect)
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help