?

Log in

No account? Create an account

Previous Entry | Next Entry

Password Protection

First read this article: http://www.codinghorror.com/blog/archives/000949.html
Then this one: http://www.matasano.com/log/958/enough-with-the-rainbow-tables-what-you-need-to-know-about-secure-password-schemes/

It seems that a simple and easy protection against rainbow tables is to use a random salt per user stored in clear text. I was wondering if instead of a single salt you could use a selection of hash functions. Instead of storing the salt you store the set of hash functions you used in the order you used them. It seems as if this would surely defeat the attack from the Rainbow table. The only downside is that you have to have several good hash functions, which is not trivial.

Latest Month

July 2011
S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930
31      
Powered by LiveJournal.com
Designed by yoksel