• Majestic
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    I mean combined with any kind of function, even a trivial kind. A salt derived from some machine state data (a random install id generated on install, a hash of computer name, etc) plus a rot13 or something would still be better than leaving it plaintext.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      6 months ago

      Malware has access to it.

      If fs is not encrypted, then malicious hardware(FSB agent’s laptop) also has access to it. If encrypted, then it we are back to statement many people told here about encrypting fs.

      plus a rot13

      That’s not salting.