Reply to post: Password hashing

620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts

MJB7 Bronze badge
Boffin

Password hashing

I can't see *any* mention of PBKDF2 in the password hashing. Is that because nobody used it, or because the journalist didn't realize the importance?

(For those that don't know, PBKDF2 is an algorithm to iterate a hash function many times. A database where the password has been hashed with MD5 100,000 times is at least 10,000 times better protected than a database where the password has been hashed with SHA512 once.)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019