4 Aug
2018
4 Aug
'18
9:59 a.m.
| From: Stephen via talk <talk@gtalug.org> | Is it not terrible practise to store unencrypted passwords on a web site? Yes. But even if you hash them (best practice) with a slow hash function (best practice but not as common as one would hope) with salt (also best practice), they may well be crackable off-line using GPUs and rainbow tables. Most peoples' passwords area easy to brute force. I would have thought mine was a bit tough.