
Re: MD5 and password store

Posted: Sat Oct 01, 2016 12:02 pm
by Shield
The "next big thing" is already here in the form of algorithms like bcrypt that allow
the complexity ("amount of work for hashing") to be increased over time.

Generally, hashing algorithms from the SHA family and other "fast" algorithms should be avoided.
Speed for password hashing is actually a bad thing as this allows an attacker to try more combinations in less time.

For things like file hashing, MD5/SHA1 etc. can still be used, but please do not use them for password hashing
or anywhere else where security is a concern!
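The adjustable work factor described in the post above, as an added example that is not part of the original thread. It uses PBKDF2-HMAC-SHA256 from Python's standard library in place of bcrypt (the tunable-cost idea is the same); the record format, function names and iteration counts are assumptions made for illustration.

```python
import hashlib
import hmac
import os

SCHEME = "pbkdf2_sha256"  # assumed label for this example's record format


def hash_password(password: str, iterations: int) -> str:
    """Return 'scheme$iterations$salt_hex$digest_hex' using a fresh random salt."""
    salt = os.urandom(16)  # per-password random salt, stored beside the digest
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the cost and salt stored in the record."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        if scheme != SCHEME:
            return False
        expected = bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
        )
    except (ValueError, OverflowError):
        return False  # malformed record: reject instead of raising
    return hmac.compare_digest(candidate, expected)  # constant-time comparison


def needs_rehash(record: str, current_iterations: int) -> bool:
    """True when the record was created with a lower cost than today's policy."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != SCHEME or not parts[1].isdigit():
        return True
    return int(parts[1]) < current_iterations


def login(password: str, record: str, current_iterations: int):
    """Return (ok, record_to_store); upgrades the record after a successful login."""
    if not verify_password(password, record):
        return False, record
    if needs_rehash(record, current_iterations):
        # Only now is the plaintext available, so this is the moment to raise the cost.
        record = hash_password(password, current_iterations)
    return True, record
```

Because the cost is stored inside each record, old and new records verify side by side while the policy value is raised over the years.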

Re: MD5 and password store

Posted: Sat Oct 01, 2016 6:17 pm
by walbus
Yep folks, this is all clear!

But again, I will ask you all:
What is the way to brute-force this sample without knowing the salt?

I myself have used only SHA3 for a long time, before it came with PB540.
But this is not the reason; the reason is, you cannot brute-force this sample or whatever without a known salt.
If you know the salt, you must make your own dictionary attack; rainbow tables for MD5 do not work here.
It is sooo simple; there are a lot of things everybody can do against table attacks, not only a 'stupid' salt.
And a good password must not be a simple word.
Every programmer who creates rainbow-table-sensitive hashes has, I think, not understood simple things.

This is more than a lot to do for breaking a cleverly created MD5 password hash, I think....
And further, I think, nobody can do this :shock:

Code:

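EnableExplicit
UseMD5Fingerprint() ; register the MD5 fingerprint plugin

; Fixed salt constant, the same for every password
#salt$="86349c23q03457t5&(%)=/?=/()/%$%§?(/§"
Define password$="Your Password"
; Append the salt to the password
Define resulted_string$=password$+#salt$
; MD5 over the in-memory bytes of the combined string
Define hash$=Fingerprint(@resulted_string$, StringByteLength(resulted_string$), #PB_Cipher_MD5)
Debug hash$ ; show the resulting hex digest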

Re: MD5 and password store

Posted: Sun Oct 02, 2016 8:53 pm
by walbus
Now, what we see...
It's simple to say things are bad :shock:

It's simply not ever necessary to change a password base to SHA3.
Mostly it is business, not idleness...