Report message:*
 

Re: we need to integrate new password algorhythm ASAP

Subject: Re: we need to integrate new password algorhythm ASAP
by GibaPhp on 2008/3/12 14:16:30

Very, very thanks Vaughan.

Even using the translator I could fully understand their words. I think you did a great job of writing this message.

I fully agree with you on all terms, especially when you tried to warn the origin of the problem of security.

On the question of 'sha256' native in php5, really, you are right too.

I am sure that your value to the team, if it continues impresscms is specializing in security will be of great value and their recognition will be immense for the whole community. We know that a person of this responsibility in charge of a sector very critical and we all know this.

Now remain very concerned about the issue when we already have something recorded in the database and exit via consultation could prove comprometedores data and also allows the server to expose new codes malĂ­ciosos with no currently fails.

The issue of protecting the output is quite preocupando me because we could not solve the problem and also because this code is constantly destroying our database.

Anyway, thank you for service to community and I know give value to an information of this nature. I am also studying a lot to not schedule wrong, but I agree that a tool of verification is important and vital.