Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm hearing a LOT of conflicting information. The version I keep hearing is that most are salted MD5, but that some old ones are unsalted.


I deleted my reply (where I stated that the passwords were salted).

Apparently the database has a mix of hashing strategies. It started with unsalted MD5 and was improved over time. The format of the PHP crypt output allows you to distinguish between hash types.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: