Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
miguelpais
on June 6, 2011
|
parent
|
context
|
favorite
| on:
A brief Sony password analysis
If the salt is the same for all the users you can have it on the source code that hashes the passwords. Not always being SQL injected means having the back-end code leaked.
tedunangst
on June 6, 2011
[–]
That defeats the purpose. The whole point is to have a unique salt per user to force the cracker to spend time on every password.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
