Originally Posted by JulesR
Sure they would - that's the purpose of rainbow tables. They'd simply take your unique key and encryption method and generate another table using the matching implementation.
Remember, it's not about decoding the passwords as such, it's more about understanding the way they were encrypted so you can use the same method and effectively "brute force" your way in.
Absolutely, in terms of coding and the server security itself. Be aware though that SSL certificates only encrypt the connection between browser and server, and do nothing at all to make the data received or stored by the site any more secure - a misconception that many people have.
|
Ah i hadnt heard of rainbow tables until you mentioned it earlier, i looked it up
thanks for your views.