hashtable - Salting: Is it reasonable to use the user name? -
Instead of storing a random string with names, I use the username as a tool for the salt password I am doing My justification is that the purpose of salt is being prevented from rainbow tables, is it actually less secure than the second set of data in it?
For example,
hash (md5 (johnny_381@example.com), p4ss \ / \ / 0rD)
Vs
hash (md5 (some_UUID_value), p4ss \ / \ / 0rD)
Is there any real reason that I am not just with the username Can I be unable to make things easier? The only thing as a result of my web search was that the salt should be a password like like but it should end without any argument, where I'm under this assumption, it's just like one To stop the Can and Power Cracker to run it without a one million years range. Thinking about the processing limitations of reality, I do not believe that if people know that this is a great deal, then they still do not know the password, and they have gone into the super computer borders, for each person's Hush
Can anyone publish me here?
You will participate in problems when the user name changes (if it can be changed) There is no way you can update the hashead password, because you do not consolidate unsolicited, unwanted passwords.
Comments
Post a Comment