https://bugzilla.wikimedia.org/show_bug.cgi?id=28050
Reedy <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #1 from Reedy <[email protected]> 2011-03-15 00:22:50 UTC --- Which is exactly the same as normal login. Also, how are we supposed to then hash the password with a salt? (Note this is off the top of multiple head, no code access atm) Which also limits the hashing types... That and md5 isn't the most secure. And many lookup tables exist to try and get your password from the hash. Besides, if the zoo accepts hashes, if your hash is intercepted, you're back to square one. Also, if we expose the salt, it gives the same issues -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
