View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0006321||Multi Theft Auto : San Andreas||Server||public||2011-08-06 12:29||2012-12-16 11:49|
|Target Version||1.3.2||Fixed in Version||1.3.2|
|Summary||0006321: Account passwords should be salted|
Currently, passwords are only MD5'd before storing them in internal.db. For simple passwords, such a hash is very easy to reverse using e.g. one of the many lookup sites. Users that choose simple passwords are also likely to use that same password for other accounts, e.g. for their email.
The passwords should be salted, and ideally a different hashing algorithm (like SHA1) should be used as well.
|Tags||No tags attached.|