22.02.2013, 14:40
So what? It is the user's fault for not properly caring for their own security. But even so, it would probably take weeks if not months to crack a single password. Furthermore, you would have to find out the algorithm that was used to generate the output password in the first place.
If I give you this hashed password: 3705a00b66b3ca91038660863b3790604f0159de
and this salt: a1795bcdf0
You would still be unable to find out that it was generated using
Edit: I might add that banks require a token to be able to login. At least here in Belgium.
If I give you this hashed password: 3705a00b66b3ca91038660863b3790604f0159de
and this salt: a1795bcdf0
You would still be unable to find out that it was generated using
PHP код:
sha1( CONCAT( sha1( 'test123' ) , md5( 'a1795bcdf0' ) , 123 ) )