User account security (SHA1 + SALT Encrypt)

[siyoteam]

Я зло

[MentaL]

[Sector1337]

very usefull anyway thanks for release

[LeMbo]

Good Job

[NourAyman]

So useful but for unprotected servers :P

[BadFist]

Sorry but what it do ? :D

is MD 5 in MD 5 is impossibly almost to decoed

[pr0xy1337]

Usually the passwords are MD5 hashes (crypted)... This will allow you to make it even more complicated :)

[Mixizi]

You can't decode md5, but you can compare it ^^'

Very nice, I didn't know we were able to change it ! I thought it was from the Login Server, thx to you :)

[pr0xy1337]

You can't decode md5, but you can compare it ^^'

Very nice, I didn't know we were able to change it ! I thought it was from the Login Server, thx to you :)

Tell me about it... ?
MD5 can be decrypted, but if the password is more complicated like pa$$w0rD12345#@! it will take some time or a really good word list to break it :)

[siyoteam]

Tell me about it... ?
MD5 can be decrypted, but if the password is more complicated like pa$$w0rD12345#@! it will take some time or a really good word list to break it :)

it does not decrypt,it is Brute-force

[Mixizi]

it does not decrypt,it is Brute-force

Like said siyoteam, it's not decrypt, it's to compare md5 with other, but sure if the password is qsdoiazgdjamodpazjdazjd , it'll be more complicate to guess it.

[pr0xy1337]

Still the same point....

[LeMbo]

what about currently passwords ?
which made in the old md5 ?
any query to make them SHA1 + SALT Encrypt

[siyoteam]

what about currently passwords ?
which made in the old md5 ?
any query to make them SHA1 + SALT Encrypt

Code:

DECLARE @min int
DECLARE @Max int

SELECT @min = 108050 @Max=135991

WHILE @min < @Max+1 begin
    update TB_User set password = (SELECT CONVERT(VARCHAR(50), HashBytes('SHA1', (select password from TB_User where JID = @min) + 'SALT'), 2))  where JID = @min
    set @min = @min +1;
end

[LeMbo]

(0 row(s) affected)