Hello and welcome to our community! Is this your first visit?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Senior Coder doubledee's Avatar
    Join Date
    Mar 2011
    Thanked 0 Times in 0 Posts

    Security and "Rainbow Tables"

    Can someone help me get a better understanding of how a hacker would use a "Rainbow Table" to more effectively attack my website?

    First off, a Rainbow Table is just something like this, right?
    Password	Hashed Password
    12345		90217633
    password	78019345
    LetMeIn		25334109
    qwerty		88012542


  • #2
    Senior Coder
    Join Date
    Feb 2011
    Your Monitor
    Thanked 546 Times in 533 Posts
    A hacker will try to find matching hashes in the database which will then allow then to attempt to calculate and find various letters in the password. The more of these they can establish the worse your chances.

    To counter this, we use what is called salt - a random string added on to the password so that if 4 or 5 users use the same password, it will still be different creating a unique hash in the database. You can store each users salt in the password with the rest of their account details.

    You can also use vinegar too - another string which is applied to the password which is hard coded into the php script. I personally use salt and vinegar in my own code but you can just use salt and be done with it.
    I can't really think of anything to write here now...


    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts