MyBB's Password Encryption Method?
#11
(2010-08-13, 05:10 PM)TheLifelessOne Wrote:
(2010-08-13, 04:20 PM)Pirata Nervo Wrote:
(2010-08-13, 04:14 PM)TheLifelessOne Wrote: That seems kinda unsafe.
Wouldn't SHA-1 be more secure?

No, they're basically the same since they're both optimized to be fast and both have been cracked already.
That's why you use a salt and md5 everything at the end

SHA-1 is actually slower (on most systems), and it usually more secure.

(2010-08-13, 05:00 PM)DougSD Wrote: I think encrypting two encrypted strings would be pretty safe... Wink

You should just implement a one-time pad. Toungue

Just because it's more secure it doesn't mean it can't be cracked. Someone who wants to crack an md5 hash can also crack a sh1 hash. Plus it's not that much secure compared to md5
All my plugins are available for free at MyBB Extend and on my GitHub. MyBB-Plugins.com has been closed and none of my plugins are officially maintained or supported.


Messages In This Thread
MyBB's Password Encryption Method? - by Spencer - 2010-08-13, 04:40 AM
RE: MyBB's Password Encryption Method? - by KuJoe - 2010-08-13, 04:51 AM
RE: MyBB's Password Encryption Method? - by KuJoe - 2010-08-13, 05:25 AM
RE: MyBB's Password Encryption Method? - by Diogo Parrinha - 2010-08-13, 05:14 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)