kratsg Posted February 28, 2008 Share Posted February 28, 2008 It may be that if they don't know the hashing technique, (such as encrypting data and storing it in the database as encrypted), they can't glance at it and say.. "Hey! I know what the decrypted version of this is..." so they'd rather just use the site and let the site give them the information (which is easier then going through the database) so going back to my last post... Couldn't they just copy their own password onto all accounts, access the accounts through the site, get the data (decrypted, thanks to the site) and be on their merry way? Link to comment https://forums.phpfreaks.com/topic/77679-whats-wrong-with-storing-your-salt-in-db/page/2/#findComment-479568 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.