Il giorno 13/feb/2013, alle ore 22:07, Donald Stufft <[email protected]> ha scritto:
> On Wednesday, February 13, 2013 at 4:05 PM, Giovanni Bajo wrote: >> You probably forgot to tell your security researcher that we *start* from >> sha1 hashes. >> > No I told him, But Richard has said he's going to do a forced password reset a > week after he sends an email to everyone informing them of that. Int hat case > the risk > to keeping the unsalted sha1's around for another week is pretty minimal. Yes, agreed. -- Giovanni Bajo :: [email protected] Develer S.r.l. :: http://www.develer.com My Blog: http://giovanni.bajo.it
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
