Coffeehouse Post

View Thread: Apparently the IPO didn't fund LinkedIn enough to hire decent programmers
  • Sven Groot

    @magicalclick: What you're doing here is basically double hashing, and using a homegrown algorithm with no known security guarantees as the first hash. It's a terrible idea.

    Additionally, the only reason that would be any more secure than just hashing the passwords is if the hackers don't know that you're doing it. This is security by obscurity, which is also a terrible idea.

    Just salt the damn hashes, problem solved. ;)
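
An added example, not part of the post above: it stores the same constructed accounts once with a plain unsalted hash and once with a per-user random salt, then checks which stored values collide. The account names, passwords, iteration count and the use of PBKDF2 (key stretching, which goes beyond salting alone) are assumptions of this example.

```python
from __future__ import annotations

import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example; tune for your hardware


def unsalted_hash(password: str) -> str:
    """Weak scheme: one fast hash, no salt. Equal passwords give equal digests."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Salted scheme: a fresh random 16-byte salt per user, stored beside the hash."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def duplicate_groups(stored: dict) -> list[list[str]]:
    """Group users whose stored values are identical (a visibly shared password)."""
    by_value: dict = {}
    for user, value in stored.items():
        by_value.setdefault(value, []).append(user)
    return [sorted(users) for users in by_value.values() if len(users) > 1]


# Constructed sample accounts; alice and carol picked the same password.
ACCOUNTS = {"alice": "hunter2", "bob": "correct horse", "carol": "hunter2"}


def demo() -> tuple[list[list[str]], list[list[str]]]:
    unsalted = {u: unsalted_hash(p) for u, p in ACCOUNTS.items()}
    salted = {u: hash_password(p) for u, p in ACCOUNTS.items()}
    return duplicate_groups(unsalted), duplicate_groups(salted)


if __name__ == "__main__":
    weak, strong = demo()
    print("unsalted collisions:", weak)    # alice and carol share a digest
    print("salted collisions:  ", strong)  # none
```

The salt is stored in the clear next to each digest, so nothing here depends on keeping the scheme secret.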