发表新帖
发表新帖

Can I md5(sha1(password))?

前端 未结
关注
5 1276
暖寄归人
暖寄归人 2021-01-07 12:41

I\'m currently coding my own CMS and I\'m at the state of password...

I want to know if I can md5 a password then sha1 it after?

Li

5条回答
  • 时光取名叫无心
    时光取名叫无心 (楼主)
    2021-01-07 13:32

    Yes you can. No it doesn't make sense.

    The security of chained hash functions is allways equal to or less than the security of the weakest algorithm.

    i.e. md5(sha1($something)) is not more secure, than sha1($something): If you manage to break the sha1, you get the md5 for free, as shat($something) and sha1($faked_something) have the same value, and thus md5ing them will not change anything.

    0 讨论(0)
 看不清?
提交回复
热议问题