Mikado 4 Posted August 7, 2013 (edited) There are thousands of available dictionaries out there with md5 encrypted/decrypted passwords. This is the reason I guess Hercules should move to (or at least, make it available) some kind of "double hash" with salt. Something like md5( salt + md5( password )), where the salt is defined by the server owner with a custom conf setting. Edited August 7, 2013 by Mikado Quote Share this post Link to post Share on other sites
Gepard 55 Posted August 7, 2013 In fact, Hercules is moving to store passwords hashed with bcrypt. You can see progress on this feature here: https://github.com/HerculesWS/Hercules/issues/74 and here: https://github.com/HerculesWS/Hercules/compare/bcrypt 1 GauxeVaugh reacted to this Quote Share this post Link to post Share on other sites
Mikado 4 Posted August 7, 2013 Interesting, thanks! Quote Share this post Link to post Share on other sites
