Hi guys, I just saw the new release announcement and I had an idea.
What if, in addition to sorting the hard to compute hash for every password, we will also store the sha 1 hash of the first 5 characters ofthe password's sha1 hash? Wouldn't this allow us to quickly rule out 99% of passwords, thereby defending against dos attacks, while atthe same time not letting an attacker who obtained the hashes to get the passwords? I'm not a security expert, just brainstorming. Thanks, Ram. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-developers. For more options, visit https://groups.google.com/groups/opt_out.
