Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Outdated and insecure / weak password hashing #7079
Currently it seems weak password hashing algorithms are used.
The current standards are bcrypt, scrypt / libsodium.
Also the following code does not use a CS(P)RNG and is vulnerable for specific attacks:
SHA(256), MD5 and so on are also not meant for password hashing (single iteration).