04-25-2008, 02:31 AM
|
#18 (permalink)
|
|
Wizard
Join Date: Sep 2007
Posts: 1,299
Thanks: 17
|
Quote:
Originally Posted by TlcAndres
The reason they use something like that is first there something called rainbow tables or glorified brute forces that try and guess your password, add a salt and it gets that much harder but they can add the salt to the list and have them md5 that now md5 the password then salt it and md5 it and it just's that much harder to crack...
In the end MD5 and SHA1 have been cracked because computers can't do true random numbers (they're based off algoritms like the twister) and thus reversible. so if a team of determined hackers want your password than they will get them, the only true way to be secure from network intrusion is to black box it - I find security to be more a game of "Tire out the hacker" then "Keep the hacker out" (I refrain from using "he" or "him" because some girls are very nasty hackers..)
|
MD5 was cracked a while ago, there are only rumors of sha1 being cracked. Sha1 nor MD5 use random algorithms because they must come out with the same result every time. They destroy the original value, meaning that even if you can reverse the process, there are unlimited possibilities of what it could be. If you dont have a short or dictionary word password, the hacker wont know one from another. Using two or more wont render much since anyone experienced enough to crack it once would catch on to what it was and just do the process again. |
|
|
|