Strengthening hash #64
Labels
Milestone
Comments
|
Thanks for the suggestion 👍 |
|
Note the difficulty of backwards compatibility. You might need to hash with both algos, delete old hash and store new hash when players login so as to support hashes generated in previous versions. |
|
Ok. I'll keep this in mind |
|
I just found this from php.net, explaining the danger of directly using a simple hash algorithm. |
|
This might give some inspiration PEMapModder/HereAuth@7e5836c |
|
Thanks 😄 |
|
Use password_hash. BCrypt 4 life. |
|
A new multi hash feature is coming to the new version of ServerAuth. |
|
Coming in v3.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hash security can be strengthened with salt. If you add the username as salt (remember to make it case-insensitive) to the password, in case the database is leaked, it is less easy to find out that two people have the same password.
The text was updated successfully, but these errors were encountered: