3. Not lazy salting algorithm

Not lazy salting algorithm

No, it's not recommended because bigger and bigger cryptographic attacks keep getting published, eventually that'll mean a complete break, and that probably won't be that far from now.

What you're doing is speculating. That's your personal opinion.

Current issues are not brute force, there's much more sophisticated password cracking methods than brute force and rainbow tables, both are effectively obsolete.

There is no method that exists at this time that will efficiently reverse engineer a set of passwords hashed in this method (even with a pseudo random generated number as the salt). You are just showing that you have no experience in the area you're talking about.

What the fuck are you even talking about? You're just pulling numbers out of your ass. It takes seconds to generate MD5 collisions, and only a few hours to find a chosen-prefix collision, both on decade-old hardware.

I said a collision that would work. As in one that would work as the ACTUAL password. Just because you get a collision against a salty hashed up password, doesn't mean you have the password or even a working string that can act as the password. This is my biggest problem with PHP "developers". Everyone of them I've ever seen on the internet tend to know nothing about real programming. They just read security blogs, join seminars, and probably even learn how to code from a box.

I think the part that makes me laugh the most isn't your lack of knowledge, level of incompetence, or even your inability to prove me wrong. The part that makes me laugh the most is that you even repeat yourself like having the last work makes you even slightly more authoritative or right than you were before:

Face it, you're doing things wrong. Swallow your pride and just admit it.

My final conclusion is that you must still be working at a grade school math level, because you've yet to prove or disprove anything. Come back when you have my password. Even better yet, feel free to login to my account and post as me, admitting that I'm wrong. I give you full permission to do so IF you do so by reverse engineering that MD5 hash.

/r/PHP Thread Parent Link - gist.github.com
Previous
Next

Recently removed from /r/PHP

My company wants me to start having some PHP knowledge Longhorn PHP is November 3-5 (Thursday-Saturday) this year. Schedule's out, Early Bird pricing available. Small appreciation post for PHP8 What pragmatic value does PHP provide? Facebook PHP source code from August 2007 PHPStan composer license: MIT or GPL ? Are there apps that will send me an email when PHP errors happen? If so, what are some good ones I should know about? Valid concerns are raised about the JIT What is the perception (and value) of PHP in the marketplace today? Performance issues storing images in MySQL blobs? (high load website) PHP and the secrets of emergent architecture The PHP Desktop project is seeking companies to help make the project great again. Please see the Sponsors and Fundings sections on the project's main page. 5 Benefits of Choosing PHP Programming for Website Development PHP Weekly Discussion (September) TIL that json_decode() returns NULL if the json is malformed.

More Random Comments

Will there be a mixed ladder with both the pc and console version? Looking for a morale boost PROPUESTA ELECTORAL: CULTURA TIL The United States Defense Budget of $698 Billion is More Than the Next Seventeen Nations Combined Looking for advice, harassment from OCS Psychology? I am very interested in it, but I have now seen three counselors (Masters Degrees in psychology) and every one of them has been a complete idiot. Is psychology even less of a 'hard science' than I thought? Is it just bunk? Today is a sad day brothers. Mouse was smashed due to "not enough time spent with me" Cord blood banking? (plus tiny intro) REAL graduate student funding data: Minimum packages provided by each department, SGS 2011-2012 A Father Of Four Hears Silence For The First Time Eduskunta hyväksyi ilmastolain Man arrested for refusing to give phone passcode to border agents Row with bus driver over €50 note ‘traumatised’ student My Sons' Vaccine-Related Measles | Vaccination Information Network Boehner’s decision to invite Netanyahu to address Congress without first consulting the sitting president has no precedent in American history. Because it’s unconstitutional. The Constitution says that the president “shall receive ambassadors and other public ministers” from foreign governments.