[pLog-svn] Salted MD5
Mark Wu
mark.wu at markplace.net
Mon Mar 10 02:09:16 EDT 2008
Hi All:
I plan to upgrade our password algorithm to salted MD5, take the following
for eaxample:
sha1(md5($password) + user_defined_private_key);
I will also remain an option in lifetype admin panel for user to use the old
MD5 way to keep compatability.
If we use the algorithm above, It is also possible to convert the old hashed
password to new hased password.
How do you think?
http://kuza55.blogspot.com/2006/10/online-reverse-lookup-tables-for.html
These kind of online reverse lookup table sites making the MD5 only
algorithm more dangerous.
Mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://limedaley.com/pipermail/plog-svn/attachments/20080310/a9cf41d4/attachment.htm
More information about the pLog-svn
mailing list