|
I was under the impression that salt + append was to prevent brute-forcing from a front-end (like a web UI), not direct DB access. Sure, if they're getting INTO your database, then salt is relatively pointless. But if they're trying to brute-force it from the "outside," it helps a ton.
__________________
"I'm typing on a computer of science, which is being sent by science wires to a little science server where you can access it. I'm not typing on a computer of philosophy or religion or whatever other thing you think can be used to understand the universe because they're a poor substitute in the role of understanding the universe which exists independent from ourselves." - Willravel
|