Some Salt and Pepper for bcrypt

--

We had Troy Hunt come along to chat with our students. He outlined methods of taking MD5 hashed passwords and then hashing them again with bcrypt. He also outlined [here] the use of a pepper key to encrypt the hashed output. One of the basic methods he outlined followed the Dropbox approach:

--

--

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.