Hacker News new | past | comments | ask | show | jobs | submit login

I'm hearing a LOT of conflicting information. The version I keep hearing is that most are salted MD5, but that some old ones are unsalted.



I deleted my reply (where I stated that the passwords were salted).

Apparently the database has a mix of hashing strategies. It started with unsalted MD5 and was improved over time. The format of the PHP crypt output allows you to distinguish between hash types.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: