Quote:
Originally Posted by Vince
Encoding != Encrypting != Hashing
MD5 and SHA1 are vulnerable and shouldn't be used for new projects. udb_hash is an abomination. This is not a hashing algorithm, but rather a checksum algorithm, and can be cracked in seconds.
I use Sha512 with a salt of equal length.
|
Has Vince said, Encryption != Hashing.
Encryption is the process of encoding messages or information in such a way that only authorized parties can read it and
Hashing is a hash function which is considered practically impossible to invert, that is, to recreate the input data from its hash value alone.
Quote:
Originally Posted by Isolated
Technically, Whirlpool has yet to be cracked, so he was right with his statement, unless you're talking about the rest.
|
I'm not an expert on this subject but what I know about this is, hash are considered practically impossible to invert, which means there is no reverse function but sometimes they can reach limits like MD5, I know that MD5 has collision problems, this means that you can type two words and obtain the same hash. But the question is, how do you crack a hash? Create a wordlist. If you search on ****** you'll find websites that crack hash's because they've a hugh wordlist but sometimes they can't crack because that hash doesn't exist on the wordlist.
So what they create an website to hash and crack at the same time, so when you type lololol23 they'll record this on the database. The solution is to use salt, so when the user types lololol23 you add a salt and the password will be lololol23samp and with this your hashing system will be more secured.