On Friday 09 April 2010 09:49:24 am Evan Carroll wrote: > The vulnerability was never against salted_hash. I've since learned > what Crypt::SaltedHash is I just don't believe I have a reason to use > it. Why would I want to use something that serializes the hash and > password into one database column when I can simply store them > separately?
Why would you want the complexity of storing them separately when you could do it the way every other system on the planet does it? Why would you add duplicate functionality that's inferior to what it duplicates? _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/