Storing user passwords - Hashing with Salt

[Yoh Asakura 9]

We're already in 2019 and I wonder if this project will be continued since it's a recommended security measure to keep user info safe.

https://github.com/HerculesWS/Hercules/issues/74

 

Kind Regards.

Edited June 2, 2019 by Dastgir
Moved to proper forum

[Dastgir 1246]

On 6/1/2019 at 7:05 AM, Yoh Asakura said:

We're already in 2019 and I wonder if this project will be continued since it's a recommended security measure to keep user info safe.

https://github.com/HerculesWS/Hercules/issues/74

 

Kind Regards.

https://github.com/HerculesWS/Hercules/pull/466

But this is not implemented yet as there's concern of DoS Attack

[cookie-rae 6]

On 6/1/2019 at 9:35 AM, Yoh Asakura said:

We're already in 2019 and I wonder if this project will be continued since it's a recommended security measure to keep user info safe.

https://github.com/HerculesWS/Hercules/issues/74

 

Kind Regards.

Yes this md5 is broken since then if the password contain of 255 length and then it will converted to a high data computation that make stress of server cpu.
For example you have a 512MB ram and you enable password md5. I remember the flux panel enable to change 100k LENGTH of character that converter to MD5.