I implemented an aes-solution for password-storage and made the
database-entries less redundant.
In case the database is successfully attacked and the rest of the server is
still secure. the passwords are not revealed. The passwords are encrypted
using salted AES encryption using the databasepassword as the key.
I have attached the changed files along with a diff.
Original issue reported on code.google.com by ulug...@googlemail.com on 29 Mar 2010 at 11:12
Original issue reported on code.google.com by
ulug...@googlemail.comon 29 Mar 2010 at 11:12Attachments: