View Issue Details

IDProjectCategoryView StatusLast Update
0006321Multi Theft Auto : San AndreasServerpublic2012-12-16 11:49
ReporterArcAssigned Toccw 
PrioritylowSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Product Version1.0.5 
Target Version1.3.2Fixed in Version1.3.2 
Summary0006321: Account passwords should be salted
Description

Currently, passwords are only MD5'd before storing them in internal.db. For simple passwords, such a hash is very easy to reverse using e.g. one of the many lookup sites. Users that choose simple passwords are also likely to use that same password for other accounts, e.g. for their email.

The passwords should be salted, and ideally a different hashing algorithm (like SHA1) should be used as well.

TagsNo tags attached.

Relationships

has duplicate 0007122 closed Multi Theft Auto : San Andreas needs more salt 
has duplicate 0005945 closed New issues MD5 is no longer secure, replace by SHA? 

Activities

Issue History

Date Modified Username Field Change