Password hashing
Sandy Harris
sandyinchina at gmail.com
Fri Oct 12 20:47:17 EDT 2007
On 10/13/07, Martin James Cochran <Martin.Cochran at colorado.edu> wrote:
> ... What's wrong with starting
> with input SALT || PASSWORD and iterating N times, ....
Shouldn't it be USERID || SALT || PASSWORD to guarantee that if
two users choose the same password they get different hashes?
It looks to me like this wold make dictionary attacks harder too.
--
Sandy Harris,
Nanjing, China
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list