submitted by rajkhatsuriya
@DeveloperMemes If I understand it correctly, the last statement is actually an indication, that the passwords are not safe at this service, since they are stored in plain text instead of hashes. You shouldn't register here at all. Am I correct?
For every row in the database calculate the hashed password given the user-specific salt. If there's a duplicate you can find it even without storing anything insecure.
It also does not require any brute force.
It's pretty stupid b/c these hash algorithms are purposefully intense in calculations
@DeveloperMemes Now I am thinking about it, these imposed password policies are just facilitating password brute force. if we think about it. We may make the cardinality bigger, but then substract a whole big chuck of possibilities.
@DeveloperMemes that's why complexy constraints are bad
cybre.town is an instance of Masterdon, a decentrialized and open source social media plattform. This instance is especially about tech/cyber stuff and is also available inside the tor network. - The name is inspired by cybre.space.