How to save passwords more secure?!

Casey Harkins caseyharkins at
Sun Jun 22 00:42:31 EDT 2008

On Sun, 2008-06-22 at 02:45 +0200, skyout at wrote:
> So my question is: Isn't there a more secure and better way to save
> passwords

As Hylke already responded with a link to the relevant wiki page, I
assume this and most of your other points were addressed.

> Just a suggestion: Would it work to make something like a hash algorithm
> (maybe
> use an existing like SHA-512)

I just wanted to point out that hashing is not really an option. The
servers we authenticate with need the real password, not a hash. Since
hashing is one-way, we wouldn't be able to authenticate with only a
hash. If servers accepted a hash, then we're back to square one as the
hash could be pulled from the file and sent directly to the
server. (This should probably get added to the wiki page too as I think
its come up a few times.)


More information about the Devel mailing list