• psud
    link
    fedilink
    arrow-up
    1
    ·
    1 month ago

    If the password hashes aren’t salted they can be cracked with a rainbow table - every password up to (whatever length the rainbow tables go up to now - 10 chars?) is easily cracked in seconds

    I expect Internet archive salts their password hashes.

    It doesn’t matter if the salting method is known, all salting methods are known and it’s easy to see what salt a password is hashed with as you need to know so you can hash a received password the same way for validation