1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help

Linear Mode
Is SHA256 safe for password storage? Should I use anything else?
Vince
Spam Machine
*****
Posts: 10,066
Threads: 38
Joined: Sep 2007
Reputation: 0
#4

25.06.2017, 22:18
It's fine. Use salts for extra security. The salt should be at least as long as the hash itself (so 256 bits, 64 characters), it should be randomly generated and it should be unique for each player. That should provide sufficient protection. Until the player uses the password 123456 ...

Edit: as for Whirlpool: this requires an extra plugin. You've got a native implementation of SHA2 at your disposal. You might as well use it. And it even comes with a built in salting algorithm.
Find
Reply
« Next Oldest | Next Newest »


Messages In This Thread
Is SHA256 safe for password storage? Should I use anything else? - by EtayJ - 25.06.2017, 21:53
Re: Is SHA256 safe for password storage? Should I use anything else? - by HoussemGaming - 25.06.2017, 22:06
Re: Is SHA256 safe for password storage? Should I use anything else? - by nGen.SoNNy - 25.06.2017, 22:14
Re: Is SHA256 safe for password storage? Should I use anything else? - by Vince - 25.06.2017, 22:18
Re: Is SHA256 safe for password storage? Should I use anything else? - by sammp - 25.06.2017, 22:40

Forum Jump:


Users browsing this thread: 3 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Scripting and Plugins
  3. Scripting Help