Hello William, http://www.cypherspace.org/~adam/rsa/crack.html
----- Original Message ----- From: "William Bartholomew" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, October 20, 2002 5:03 PM Subject: General Password Hash Question | This is a general crypto question but not Crypto++ specific so I hope | nobody minds (is there a better mailing list for crypto questions?). | | When hashing passwords to store in a database for a user login system | I've heard many recommendations that you should prepend a salt onto the | beginning of the clear-text. Just a couple of questions regarding this: | | 1. What is the primary reason to do this? | | 2. Should the salt be different for each user? | | 3. Do you just store the salt in clear-text with the user record? | | 4. What length salt would be suitable for most purposes? | | | Thanks. | | | Regards, | | William Bartholomew | Internet Developer | Orli-TECH Pty Ltd | "Your Innovative e-Business Partner" | | Web: http://www.orlitech.com.au | Email: [EMAIL PROTECTED] | Phone: +61 7 3292 0220 | Fax: +61 7 3292 0221 | | Visit our online store http://www.instantit.com.au | | This electronic communication (including any attached files) may contain | confidential and/or legally privileged information and is only intended | for the viewing purposes of the person to whom it is addressed. If you | are not the intended recipient, you do not have permission to read, use, | disseminate, distribute, copy or retain any part of this communication | or its attachments in any form. If you receive this email in error, | please contact us on +61 7 3292 0222 or by email and delete all copies. |
