30.09.2010, 00:17
Quote:
|
Originally Posted by RealCop228
 It all seems to be working correctly! Thank you for the help, Calgon. I owe you!
|
Hashed Passwords
30.09.2010, 00:21
Wait a minute. Now I get this;
Код:
[20:18:35] sscanf warning: String buffer overflow.
30.09.2010, 00:21
Quote:
|
Originally Posted by nemesis-
I commend you for going the Whirlpool route.
|
Unless its for something more than a SA:MP Server, then yeah, I understand your concern.
30.09.2010, 00:27
Quote:
|
Originally Posted by Grim_
What's so wrong with MD5? Yes, it's "un-hash-able" but how often is it someone is going to take the time to get your database information, then un-hash the passwords then log onto the server just because they can.
Unless its for something more than a SA:MP Server, then yeah, I understand your concern. |
30.09.2010, 05:26
Quote:
|
Originally Posted by Grim_
What's so wrong with MD5? Yes, it's "un-hash-able" but how often is it someone is going to take the time to get your database information, then un-hash the passwords then log onto the server just because they can.
Unless its for something more than a SA:MP Server, then yeah, I understand your concern. |
What's wrong with MD5? It is crackable. There are a few thousand websites who will decrypt an MD5 hash for you in half a second. Case in point, it isn't secure. Go the Whirlpool route. It is flawless and uncrackable.
Quote:
|
Originally Posted by Cameltoe
Agree, and if you mean its so unsecure, try mixing MD5 and SHA1.
|
30.09.2010, 14:08
Quote:
|
Originally Posted by nemesis-
Something wrong with Whirlpool? Are you not understanding that it is uncrackable?
|
30.09.2010, 14:25
Quote:
|
Originally Posted by nemesis-
You're missing the point. The thread starter is asking about security. People foolishly were pushing MD5 as a secure method of password hashing - either through lack of knowledge or laziness of dealing with a simple plugin.
What's wrong with MD5? It is crackable. There are a few thousand websites who will decrypt an MD5 hash for you in half a second. Case in point, it isn't secure. Go the Whirlpool route. It is flawless and uncrackable. Something wrong with Whirlpool? Are you not understanding that it is uncrackable? |
30.09.2010, 14:36
In my experience, Whirlpool is pretty secure. I know of a couple servers who use Whirlpool password hashing and they have never had somebody break their database password(s). As long as it's safe, secure and works, I don't give a crap what it is.
30.09.2010, 14:44
Quote:
|
Originally Posted by Cameltoe
Is Whirlpool usable within other applications? like php? Don't think so.
|
http://uk.php.net/manual/en/function.hash.php
Quote:
|
1. md4 2. md5 3. crc32b 4. crc32 5. sha1 6. tiger128,3 7. haval192,3 8. haval224,3 9. tiger160,3 10. haval160,3 11. haval256,3 12. tiger192,3 13. haval128,3 14. tiger192,4 15. tiger128,4 16. tiger160,4 17. haval160,4 18. haval192,4 19. haval256,4 20. adler32 21. haval128,4 22. haval224,4 23. ripemd256 24. haval160,5 25. haval128,5 26. haval224,5 27. haval192,5 28. haval256,5 29. sha256 30. ripemd128 31. ripemd160 32. ripemd320 33. sha384 34. sha512 35. gost 36. whirlpool 37. snefru 38. md2 |
01.10.2010, 00:54
Quote:
|
Originally Posted by iCantScript
Oh the irony, RealCop228!
|
01.10.2010, 01:22
Quote:
|
Originally Posted by Cameltoe
Is Whirlpool usable within other applications? like php? Don't think so. but I'm sure it can be implemented to php aswell.
|
01.10.2010, 02:14
When I said along the lines of SA:MP, I understand players have trust in you having their information kept private, it was just the thought of someone taking the time to find the database, etc to get information about a online game server. I suppose however if someone is truly that immature, and that amount of time, they would.
I've always thought md5 was a very secure hash, but I suppose not. I'll be working with Wirlpool in the future.
I've always thought md5 was a very secure hash, but I suppose not. I'll be working with Wirlpool in the future.
« Next Oldest | Next Newest »
Users browsing this thread: 1 Guest(s)