Password hash not using salt.

richjoslin / rivety

An extension of the Zend Framework for easily building websites with logins, permissions and roles, CMS, etc. [WARNING: ABANDONED]

Other

2 stars 1 forks source link

Closed jaybill closed 12 years ago

jaybill commented 12 years ago

Password hashes are not using a salt, meaning that anyone who got the list and a rainbow table would be able to guess a bunch of passwords.

jaybill commented 12 years ago

Fixed. This also uncovered some additional bugs, which I also fixed: