Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
snow_mac
on June 7, 2012
|
parent
|
context
|
favorite
| on:
Md5crypt is no longer strong enough
How about this for security MD5(SaltFromDB + Password + ApplicationConstantSalt)? How would that be affected by something like this? Given the user you'd their salt, their paassword but not the application salt. Still really insecure?
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
