Skip to content
View in the app

A better way to browse. Learn more.

Tip.It Forum

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Super-Password-Protection - md5(md5($pass))?

Featured Replies

I was just wondering if, for things like user password fields, it was possible to double md5 hash a string. There's plenty of md5 decrypters out there, just with google, but would this be practical? Would it do anything?

its possible , but not really necessary.

 

 

 

Yes it would change the hash , but as md5 becomes more and more vulnerable, it will barely slow anything down.

I like to fart silently but deadly in movie theaters
Ard Choille says (11:41 PM):

I wouldn't dare tell you what to do m'dear

  • Author

So any recommendations on good hashes, password protection with db's in general?

I know it sounds stupid, but don't allow access to your database :P

 

 

 

 

 

thats the ONLY effective defense. And as you can tell from the recent little oops , its VERY easy to miss something when writing a script so ALWAYS sanitize your input.

 

 

 

 

 

You might want to check this article out though , its rather informative and might help you decide on an alternative

 

 

 

http://it.slashdot.org/article.pl?sid=0 ... 2&from=rss

I like to fart silently but deadly in movie theaters
Ard Choille says (11:41 PM):

I wouldn't dare tell you what to do m'dear

There's plenty of md5 decrypters out there
Not strictly true. there are websites that have a list of words and thier equivalent md5 hash but there is no formular to reverse an md5 string itself.

 

 

 

banana = 72b302bf297a228a75730123efef7c41 (very easy for a dictionary to get)

 

Banana = e6f9c347672daae5a2557ae118f44a1e (capital B creates a completely new unique string)

 

B4n4n4 = e112e3b90b31b6c4993e71bf67c624a5 (replacing letters with numbers again creates a new string)

 

B4nan4z! = 452ed7e654e66d745b9470218c74755e (non dictionary word, letters and numbers with special characghters '!' creates a password which is incredibly hard for an md5 database to guess at)

 

 

 

There is no point in double md5ing a password, just make a better password up and youll have no problem. The reason why ppl got their passwords guessed before was because it was too easy, ie no numbers all lowercase etc.

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Create an account or sign in to comment

Important Information

By using this site, you agree to our Terms of Use.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.