search

Spodii / netgore

Cross platform online rpg engine using C# and SFML
http://www.netgore.com/
40 stars 16 forks source link

Salt password hashes in database #254

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Add a salt to the password hashes in the database. Define the salt in the 
server settings (as a string), and have it default to an empty string.

When running the server in release mode, and no salt is provided, throw an 
exception.

Be sure to note that changing/adding a salt will destroy all current passwords 
and that you cannot just "update" password with the new salt.

Original issue reported on code.google.com by Spodiii on 18 Nov 2010 at 9:53

GoogleCodeExporter commented 9 years ago

Original comment by Spodiii on 22 Nov 2010 at 2:54

GoogleCodeExporter commented 9 years ago 
Its going to be a log.Warn message shown always instead of throwing an 
exception since there is no clean way to check if not in debug mode without 
using #if/#endif (which I like to avoid whenever I can).

Original comment by Spodiii on 22 Nov 2010 at 3:09

GoogleCodeExporter commented 9 years ago 
This issue was closed by revision r4291.

Original comment by Spodiii on 22 Nov 2010 at 3:10