I was reading an article about the Ars Technica hack here and had a couple of questions. The commenter said:
"PHPass uses salted and iterated MD5 to hash passwords"
My question is that if I were to design a new system, would using salted, multiple iterations of MD5 be considered acceptable, vs just using SHA256, bcrypt, etc? why would I use MD5, even this implementation of it, vs something considered more secure by the industry?
Aucun commentaire:
Enregistrer un commentaire