However don't feel bad if you use SHA-1.ĭon't just hash the password, but put other information in it as well. It's also implemented in most languages as part of the standard security suite. SHA-256 uses 64 characters in the database, but with an index on the column that isn't a problem, and it is a proven hash and more reliable than MD5 and SHA-1. Points 2, 3 and 4 are still worth paying attention to. SHA (all variants) is now trivially breakable, and best practice is now (as of Jan 2013) to use a key-stretching hash (like PBKDF2) or ideally a RAM intensive one (like Bcrypt) and to add a per-user salt too. If someone demands your password, refer him or her to your system administrator or the University security administrator in Office of Information Technology.This 2008 answer is now dangerously out of date. #Good passwords to use passwordIf you suspect your account or password has been compromised, report the event to the appropriate system administrator and the University information security administrator and change your password immediately.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |