In case of Mathway, the storage mechanism for the passwords is PHPASS, which gets salted MD5. Allan says " if I wanted to crack these passwords,I could do so on a rig that computes millions of MD5 hashes a second. With more secure cryptographic hashes, such as bcrypt or scrypt, it is much slower to compute the hash."
https://www.scmagazine.com/home/security-news/mathway-breach-latest-caper-for-shiny-hunters/
https://www.scmagazine.com/home/security-news/mathway-breach-latest-caper-for-shiny-hunters/
No comments:
Post a Comment