Changes between Version 2 and Version 3 of Ticket #1030, comment 4


Ignore:
Timestamp:
02.11.2016 22:59:01 (6 years ago)
Author:
JuergeN
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #1030, comment 4

    v2 v3  
    77As a result one cannot find out a user's password if any of the components is missing. Even if you have the database but not the server side fixed salt (e.g. from a database backup), you still cannot find out the user's password. 
    88 
    9 You might also want to read this informative articles on the issue:  
     9You might also want to read these informative articles on the issue:  
    1010https://crackstation.net/hashing-security.htm 
    1111https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet