Henryk Plötz on Nostr: npub19lt42…6qfjk npub1mjjwe…7h2pr No, it *is* necessarily bad. Salting only works ...
npub19lt4284mghqxekzm6n5njxurnxrxhqhrva2leusdsuu5ja5jeycq66qfjk (npub19lt…qfjk) npub1mjjwe95dghhw434k4vsvxs5yl6gcr6kupghf5u0dgcvhga0w94sqe7h2pr (npub1mjj…h2pr) No, it *is* necessarily bad. Salting only works with the complete password. Even a salted 1-character hash has only ~60-80 possible values that can be quickly enumerated.
Now, you could try to handwave something about secure environments, SGX, or something, but I doubt that very much.
I'd lean towards informing the relevant regulatory body that the site in question employs unsafe security practices, likely incompatible with whatever they're required to do.
Now, you could try to handwave something about secure environments, SGX, or something, but I doubt that very much.
I'd lean towards informing the relevant regulatory body that the site in question employs unsafe security practices, likely incompatible with whatever they're required to do.