Actually, HMAC[1] is pretty much that — hashing twice and adding keys. [1]http://en.wikipedia.org/wiki/HMAC
On Jun 28, 10:06 am, Jordi Boggiano <[email protected]> wrote: > No. You don't hash twice, ever. This does nothing to improve the > security, quite the contrary since it gives a deterministic length and > reduces the number of possibilities required to bruteforce. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
