Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
bonzoesc
on April 6, 2012
|
parent
|
context
|
favorite
| on:
Speed Hashing
Because sha1 is still super fast on a GPU. Why aren't you using bcrypt?
Misiek
on April 6, 2012
[–]
I thought that hashing password with two types of salt (one of them is unique for every user) and two places to storage salts is secure enough.
tptacek
on April 6, 2012
|
parent
|
next
[–]
You thought wrong.
bonzoesc
on April 6, 2012
|
parent
|
prev
[–]
Salts don't slow a GPU down:
http://codahale.com/how-to-safely-store-a-password/
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
