Re: [dev] [PATCH] [ubase] Simplify login

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Alexander Huemer <alexander.huemer_AT_xx.vu>
Date: Tue, 3 Jun 2014 22:44:31 +0200

On Mon, Jun 02, 2014 at 06:41:45PM +0200, FRIGN wrote:
> […]
> If your password is strong, having the hashes won't help any attacker.
> […]

I think that's the whole point.
Hashing the password before writing it to disk does not hurt much.
In case an attacker got access to a box he does not know what password
the users chose.
Maybe that's a low value, but it's a value, … for a relatively low
price.

What here provides a false feeling of security?

Kind regards,
-Alex
Received on Tue Jun 03 2014 - 22:44:31 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 03 2014 - 22:48:06 CEST