Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tylersmith
on Oct 6, 2017
|
parent
|
context
|
favorite
| on:
Disqus Security Alert: User Info Breach
It was not at all cutting edge. In 2012 I helped a number of companies move from bcrypt to scrypt.
pwg
on Oct 6, 2017
[–]
Which is what the article says Discus did, they moved /from/ sha1 /to/ bcrypt in 2012. Same as the companies you helped, in 2012.
tylersmith
on Oct 7, 2017
|
parent
[–]
No, those companies did not use SHA1 in 2012 or any time close to then. They used bcrypt until they upgraded to scrypt.
SHA1 was useless for passwords long before then.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
