On 05/27/2011 01:07 PM, Sergei Golubchik wrote:
> Hi, Kristofer!
> On May 27, Kristofer Pettersson wrote:
>> Sergei Golubchik skrev 2011-05-27 11:24:
>>> Just curious, why do you guys want new authentication plugin
>>> that uses sha256 and salt?
>>> Was the current (double SHA2) security found flawed?
>> There is no evidence that it is flawed and there is no evidence of
>> successful cryptographic attacks.
> I see. Good to know.
>>> Or you just like it salted?
>> Yes. It is suppose to make it more difficult to construct MySQL
>> specific rainbow tables.
> We even tried to use salted hashes once, but had to revert it.
Just curios: why did you have to revert it?
> I hope you will be more successfull at it.