+- SphereCommunity (https://forum.spherecommunity.net)
+-- Forum: Sphere 0.56d (/Forum-Sphere-0-56d)
+--- Forum: General Help (/Forum-General-Help)
+--- Thread: MD5 is becoming weak... (/Thread-MD5-is-becoming-weak)
MD5 is becoming weak... - Ultima One - 03-19-2013 08:27 AM
Any way we could get an ini setting to apply a salt to the password encryption?
Recent issue is an sql injection we had - since we use a web based account system to join with spheres, md5 dictionaries are huge now, and without a salt, decrypting them is getting easier.
Could we encrypt with md5+salt or sha1 / sha1+salt?
Would be far more secure... to many geeky kids about these days ruining stuff
Can't imagine it is a huge change, and I understand it's not an urgent one, but it would be a nice one.