Quote:
Originally Posted by Calgon
Salting is a bit excessive just for SA-MP IMO. Whirlpool is more than enough.
|
I disagree. Especially looking at those servers out there who store the e-mail address of the user. Since most people are unaware of any security related issues that come with installing a mysql database for example it is very simplistic to inject their server and retrieve information such as passwords and emails. One out of a hundred users will likely be using the same password of the e-mail. Now with the e-mail itself I can check if that user has registered any kind of service other then sa-mp with that particular email. Now I might find valueable accounts such as Steam which are not a rare occassion in the scene.
I believe you underestimate the data that sa-mp servers collect.
EDIT:
Keep in mind that socialising is also a part of hacking. It is not too hard to find out one's MSN or such and from there on you can find their password through an injection - log on their MSN - scam someone important on their list - oh dear possibilities are endless I believe.
EDIT2:
tldr: You can never be save enough I believe.
