This is Erik's Typepad Profile.
Join Typepad and start following Erik's activity
Join Now!
Already a member? Sign In
Recent Activity
@Dcaunt: The salt is there to (attempt to) prevent precomputed hashes from giving the attackers the plaintext passwords in a matter of minutes. In fact, the algorithm they used uses a different salt for each user and prepends the salt to the hash itself. Anyone getting just the hashes would have the salt anyway, even if they didn't have the rest of the code on the site.
Toggle Commented Dec 14, 2010 on The Dirty Truth About Web Passwords at Coding Horror
Erik is now following The Typepad Team
Dec 14, 2010