Wouldn't it be easier to "guess" the passwords then? If you know both input and ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rplnt on May 22, 2014 \| parent \| context \| favorite \| on: eBay user data for sale? Wouldn't it be easier to "guess" the passwords then? If you know both input and output.

valarauca1 on May 22, 2014 [–]

It wouldn't be difficult, but a bandage is better then leaving a gaping wound. Yes it would be better store a second salt and do a scrypt style password generation.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact