Changes between Version 2 and Version 3 of Ticket #1030, comment 4
- Timestamp:
- 02.11.2016 22:59:01 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #1030, comment 4
v2 v3 7 7 As a result one cannot find out a user's password if any of the components is missing. Even if you have the database but not the server side fixed salt (e.g. from a database backup), you still cannot find out the user's password. 8 8 9 You might also want to read th isinformative articles on the issue:9 You might also want to read these informative articles on the issue: 10 10 https://crackstation.net/hashing-security.htm 11 11 https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet