Password protecting a data file... how to cope with forgotten password?

Bob Sneidar bobs at twft.com
Fri Jun 15 12:50:25 EDT 2012


If he has access to a rainbow table (and if he is interested in your data he very likely does) it is inevitable. A rainbow table will provide him with other "collision" passwords if it's anything like comprehensive. 

Bob


On Jun 14, 2012, at 4:42 PM, Igor de Oliveira Couto wrote:

> Consider the following scenario: you have stored MD5 hashes (salted or not) to your user's passwords in a database table, which you use in your login system to authenticate and authorise the user. Now, let's say that a clever hacker has managed to break into the 'users' table, and now has the list of hashes for all your users. The question is: how likely is it, that they will be able to come up with *some* string (password/passphrase) that will generate a selected hash from that table?





More information about the Use-livecode mailing list