[TYPO3-english] TYPO3.ORG hacked
Frank Weindel
fjw24 at drexel.edu
Fri Nov 14 21:34:40 CET 2008
Robert Lemke wrote:
> A general note: it doesn't matter much if a password is md5 hashed
> or not - md5 is just a hash and not encryption. Nowadays it's relatively
> easy to generate a password out of an md5 hash, especially if it is a weak
> password with few characters and without special chars.
Tell me if I'm wrong, if some secret string is appended to the password
before it is hashed wouldn't that make it extremely hard for the
password to be cracked if the secret was not found out?
More information about the TYPO3-english
mailing list