|Re: [jetty-dev] Can someone please shed some light on the security of password hashing offered in jetty?|
Those dictionary databases are only useful if no salt is used, eg thats where linkedin when wrong with their breach.
But if you're not using salt then no hashing algorithm will help
you, because anyone can generate a dictionary from known common
So AFAIK MD5 is as good a password hashing function for the web as any other.
On 20/02/17 17:06, Edmond Kemokai wrote:
Back to the top