On Friday 08 June 2012 10:15 Andreas Schneider wrote: > You know there is this rocket sience technology from the 70ies. It is called > salt in cryptography. I suggested several times to use salting in owncloud > but we still don't have it. > > First linkedin: > http://www.h-online.com/security/news/item/LinkedIn-confirms-that-user- > passwords-were-compromised-1612554.html > > then last.fm: > http://www.lastfm.de/passwordsecurity > > > next: your owncloud installation ...
Now I don't know much about cryptography, but I read the code, followed the password, and to me it looks like you're spreading FUD: https://gitorious.org/owncloud/owncloud/blobs/master/3rdparty/phpass/PasswordHash.php#line208 -- Med venlig hilsen / Best Regards Thomas Tanghus _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
