03-09-13, 07:43 PM
(03-09-13, 07:30 PM)Farjo link Wrote: [quote author=goldfazer link=topic=9631.msg98267#msg98267 date=1378059379]Yes they're encrypted, however this is whar I've read elsewhere:
Can the login passwords not be encrypted?
That's web security for dummies stuff!!
"Yes, they are encrypted. Unfortunately it's possible to brute force with about 3 billion, or more, attempts *per second*.
A very interesting article about that, if you care, is located here:
http://www.zdnet.com/blog/hardware/cheap...less/13125"
[/quote]
MD5 and SHA are designed to be processed quickly. That's why they're not good for storing passwords as brute force attacks get a quick response. The way around it is to make the processing slow because passwords don't need to be decrypted quickly. That's where Bcrypt comes in.
https://en.wikipedia.org/wiki/Bcrypt
Opinions are like A**holes, Everyone has one. Some people seem to have more than one though which is a bit odd.