Forget your md5 or else

No! Just no! Sorry will not fix the fact he saved them in clear text. He deserves it 😒

The gun looks.. Wrong.

Also, I'm not gonna comment on the "posture arrow" on their backs..

Clear text passwords, eh.

They should aim lower and shoot upwards for maximum pain before death occurs.

Plain text: Death sentence.
Unsalted Hash: Chop off a hand.
Hash with global salt (pepper): Ten lashes from the whip.

Always use both pepper and salt with your hashes! 😁

@bittersweet i ruined you 8888 :) oh and ofc double salted sha

@Salmakis A little bit of sriracha, maybe some parsley... roast your hashes until they're a dark golden brown. Security is not that hard.

Why is his first suggestion 'memory leak'? Are those really death sentenceable?

My comp stores passwords in md5, don't even bother to salt and they have no idea how to access the backend to fix this shit.

And I'm sitting there feeling like caressing a switch to eviscerate the company. Sigh...

Why salt passwords when you can pour honey in them? 🍯🍯🍯😋

A friend told me that a hungarian public transport company (called BKK - Budapest Transport Center or sg.) used plain text to store users passwords. Show'd me this repo, in which some hungarians created a library for BKK's hashing method in several languages.

https://github.com/moszinet/...

Edit: typo

@bittersweet I always burn my hash ☹️

I came across this today in one of our internal apps...

I wish I had a firing squad to hand.

@usethedocsluk you are correct. Source: I'm Hungarian.
There also was an exploit where you could buy tickets for 1 Huf.
The company sued the kid who discovered and reported it immediately.

md5 or bcrypt?

@DjSall wow. I hope the kids won the case.

@iguana it was covered up by the government. No one knows.