This is Jim Hunziker's Typepad Profile.
Join Typepad and start following Jim Hunziker's activity
Join Now!
Already a member? Sign In
Jim Hunziker
Recent Activity
I'm pretty sure this isn't right. They did store just salted hashes. The algorithm was DES, but inside crypt(3), which produces salted hashes. The reason the passwords were recoverable, though, was that dictionary attacks were very easy because crypt(3) only uses 2 characters of salt for the 8 character passwords.
Toggle Commented Dec 14, 2010 on The Dirty Truth About Web Passwords at Coding Horror
Jim Hunziker is now following The Typepad Team
Sep 17, 2010