SHA1 cracked .... What are the chances this will be addressed in LC?

Bob Sneidar bobsneidar at
Tue Mar 7 10:28:48 EST 2017

Thanks Peter. But then how will I know programmatically if the password is correct or not? 

Bob S

> On Mar 6, 2017, at 02:53 , Peter TB Brett via use-livecode <use-livecode at> wrote:
> On 03/03/2017 18:00, Bob Sneidar via use-livecode wrote:
>> It looks like the encrypt command is already using this method if
>> the "with salt" arguement is provided? At least the encrypted result
>> starts with "salted" and at least part of the salt value.
> Hi Bob,
> The "encrypt" command provides symmetric cryptographic functions, i.e.
> you can decrypt the result again to get the cleartext back.  This is _not_ a desirable property for a password storage system; you should always use one-way (asymmetric) functions, such as a cryptographic hash.
>                                      Peter
> -- 
> Dr Peter Brett <peter.brett at>

More information about the use-livecode mailing list