classes help

~~Dentafrice,~~ · 14-10-2007, 01:42 PM

True, but I was reading on sitepoint that using more then just an identifying variable (such as a username or userid) would be a potential security risk that you should just use that one variable to pull the information out and check it.

Tomm · 14-10-2007, 02:38 PM

Actually doing that is more of a security risk. What if a hacker found a way to change that variable? He could theoretically could login as anyone he wanted. I would prefer to let the hacker have my hashed password as, assuming you are using salts, its useless in its current form and nearly impossible to crack.

Originally Posted by Dentafrice,

True, but I was reading on sitepoint that using more then just an identifying variable (such as a username or userid) would be a potential security risk that you should just use that one variable to pull the information out and check it.

Jae. · 09-11-2007, 03:41 PM

MD5 is quite easy to crack, i dont know about salts.

~~Dentafrice,~~ · 10-11-2007, 01:18 PM

You cannot crack MD5..

~~iTechnical~~ · 10-11-2007, 01:25 PM

Originally Posted by Dentafrice,

You cannot crack MD5..

My cousin tried it. O.o
As Caleb said you can't.

~~Dentafrice,~~ · 10-11-2007, 01:27 PM

You can use rainbow tables, but other then that you need a big list of encoded MD5's.

Example:

Normal Text: hello
Md5 Hash: 5d41402abc4b2a76b9719d911017c592

You type in the 'cracker': 5d41402abc4b2a76b9719d911017c592

It searches through the database and finds:

Normal Text: hello
Md5 Hash: 5d41402abc4b2a76b9719d911017c592

It displays the Normal Text

Robbie · 10-11-2007, 05:11 PM

Just like Hitman's big rainbow table he uses ;p

Thread: classes help

Thread Tools

Posting Permissions