On Fri, Aug 29, 2008 at 09:01:26PM +0000, Muffys Wump wrote: > Master Password: hash(hash(login_password)) > > Would this be a good idea if we've used this generated hash as a key for AES? > Would the hashing be secure enough against different kinds of attacks?
You want to look at something like PKCS#5 for generating keys from passphrases. -- Dan.
pgpuJNQGmf37b.pgp
Description: PGP signature
