No, they weren't. According to the "Release Notes", they were using a DES-based ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

gthank on Dec 14, 2010 | parent | context | favorite | on: The Dirty Truth About Web Passwords

No, they weren't. According to the "Release Notes", they were using a DES-based crypt scheme. Read up on tptacek's (http://news.ycombinator.com/user?id=tptacek) comments on the matter.

pietrofmaggi on Dec 14, 2010 [–]

Yes, as you told, I was writing from my memory and I remembered having read DES encryption with password in source somewhere.

But It seems it was a DES based hashing: http://www.duosecurity.com/blog/entry/brief_analysis_of_the_...

[edit] deleted the parent post because I could not find the article I remembered (which was probably wrong anyways).

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact