Korbinian Bachl wrote: > > to get a wanted md5 collision requires a person that uses a rainbow > table under 1h time by a successrate at about 99,9% - > http://www.antsight.com/zsl/rainbowcrack/ > No admin will try to break the code ;) it seems secure enough for an obfuscating
Korbinian Bachl wrote: > > you want to use SSL (TLS now called) for this! -> go to a banklogin and > you see changing the http://www.mybank.com to https://www.mybank.com > That's it! Why didn't I think about it before? don't know, maybe too tired... But isn't TLS a lot slower (very expensive)? I don't need a full secure site... only some very specific pages need security Korbinian Bachl wrote: > > 1. there are under 100 people on this planet that know how to write a > secure crapto algorithm - and believe me that we two arent anywhere near > them :) > I know it, and I'm none of them :) ! sorry for my bad english, I'd better to write "I know how to hash some data with md5 under java". Frenchies are usually bad with other languages ;) SSL/TLS looks pretty well... And gives a "securised" feeling to the user :) -- View this message in context: http://www.nabble.com/How-to-secure-passwords--tf4936916.html#a14136094 Sent from the Wicket - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]