Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Validating if password is encoded or encrypted
Oct 03 2011 04:19AM
Sergey Soldatov (votadlos gmail com)
If something is encrypted, cypher text is pseudorandom. This is also
true for hash function (aka message digest like MD4, MD5, SHA, etc)
output. Pseudo random sequences are not compressed by archives. So,
you can check that stored encrypted passwords are random: take a
number of them ...
[ more ]
Copyright 2010, SecurityFocus