This is JBW_1's Typepad Profile.
Join Typepad and start following JBW_1's activity
Join Now!
Already a member? Sign In
Recent Activity
There is a security tradeoff with tunable workfactor based hashing systems (bcrypt and co) - it is really quite easy to launch a DoS against such a scheme since by design they consume system resources. Sure, that's not the same issue as a data breach, but if 2011 is any indication DoS is popular in a big way again among a certain particular populace. As for salting - it has an exponential effect on the work to crack regardless of whether the salt is secret or not. with a salt you have to brute force passwords per user, since for a given user it is necessary to go through + user specific salt for every user specific salt.
Toggle Commented Apr 6, 2012 on Speed Hashing at Coding Horror
JBW_1 is now following The Typepad Team
Mar 5, 2012