[TYPO3-english] TYPO3.ORG hacked

Frank Weindel fjw24 at drexel.edu
Fri Nov 14 21:34:40 CET 2008

Robert Lemke wrote:
> A general note: it doesn't matter much if a password is md5 hashed
> or not - md5 is just a hash and not encryption. Nowadays it's relatively
> easy to generate a password out of an md5 hash, especially if it is a weak
> password with few characters and without special chars.

Tell me if I'm wrong, if some secret string is appended to the password 
before it is hashed wouldn't that make it extremely hard for the 
password to be cracked if the secret was not found out?

More information about the TYPO3-english mailing list