Password Hashes, Again
Max Kanat-Alexander
mkanat at bugzilla.org
Fri Apr 13 07:41:52 UTC 2012
So, we probably shouldn't be using SHA at all, and we should switch to
some Perl module that specifically is designed to do password hashing:
http://www.codinghorror.com/blog/2012/04/speed-hashing.html
tl;dr: You can break most SHA-256 passwords pretty quickly with some GPUs.
-Max
--
Max Kanat-Alexander
Chief Architect, Community Lead, and Release Manager
Bugzilla Project
http://www.bugzilla.org/
More information about the developers
mailing list