this post was submitted on 12 Mar 2024
39 points (93.3% liked)
Cybersecurity
5730 readers
134 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Really? The example "bank+[40 character password]" was just an example. Obviously I wouldn't use bank for my banking credentials. I was also under the impression that many websites and applications wouldn't store or transmit plaintext passwords (I wouldn't use http for transmitting credentials). I do concede that there is a news story every month about a corporation getting hacked and the user's passwords were stolen and in plaintext so they could compromise me that way. But I don't think hackers are really going after me because I'm broke. The government maybe. This is really just so I can have a convenient way to have a complex password. I can't remember 5 different 15-20 character complex passwords.
I think you have the right idea. You are using "bank" as a salt so the hash should be acceptably secure.
Yes. And every application has a different salt. I really just hope these websites don't store plaintext passwords.