[Owncloud] Salt
Thomas Tanghus
thomas at tanghus.net
Fri Jun 8 08:40:57 UTC 2012
On Friday 08 June 2012 10:15 Andreas Schneider wrote:
> You know there is this rocket sience technology from the 70ies. It is called
> salt in cryptography. I suggested several times to use salting in owncloud
> but we still don't have it.
>
> First linkedin:
> http://www.h-online.com/security/news/item/LinkedIn-confirms-that-user-
> passwords-were-compromised-1612554.html
>
> then last.fm:
> http://www.lastfm.de/passwordsecurity
>
>
> next: your owncloud installation ...
Now I don't know much about cryptography, but I read the code, followed the
password, and to me it looks like you're spreading FUD:
https://gitorious.org/owncloud/owncloud/blobs/master/3rdparty/phpass/PasswordHash.php#line208
--
Med venlig hilsen / Best Regards
Thomas Tanghus
More information about the Owncloud
mailing list