top | item 42956159 (no title) sscarduzio | 1 year ago what I would have naturally done without anticipating any flaw (and probably be just OK): cache_key = sha(sha(id + username) + bcrypt(pass)) with sha256 or something. discuss order hn newest throwaway-9111|1 year ago Why not a simple sha(id + username + bcrypt(pass))Is there any security issues with that? I'm a "newb" in this area, so I'm genuinely curious about the flaws with the naive approach
throwaway-9111|1 year ago Why not a simple sha(id + username + bcrypt(pass))Is there any security issues with that? I'm a "newb" in this area, so I'm genuinely curious about the flaws with the naive approach
throwaway-9111|1 year ago
Is there any security issues with that? I'm a "newb" in this area, so I'm genuinely curious about the flaws with the naive approach