Me: Browsing the security of a website.

Tell the website developer that they are using the SHA-1 hashing algorithm for encrypting the credentials of it's registered users.

Them: Yeah, so what?

Me: You shouldn't be using an algorithm which was exploited years ago in the age of 2016.

Them: Don't worry, nothing will happen.

Me: *facepalm*

  • 23
    Nothing will happen till something will happen. He's right.
  • 1
    @JS96 Haha, i see that context.
  • 11
    @Deco just leave that company before something will happen. ;)
  • 3
    @Deco so, some grey hat hacking us in order? I'm sure at least a few people on devRant could show this guy why he should update his security..
  • 1
    then guys what do you suggest ?
  • 5
    @Jung AES 256, Twofish and Blowfish are quite common choices and well supported across the board.
Add Comment