Quote:
Originally Posted by grimpirate
Eoin:All I've done is slow hackers down with new keys 'cause they'd have to start a new library for my hashes or figure out a way to deconstruct my key (which is unlikely since it takes input of nth size).
|
Hi grimpirate, I think I can see where you're coming from in that noone is going to have a remade list of hashs to compare against your own. But I really think that you should use a tried and tested secure hash.
My reasoning is this, weak passwords such as a dictionary word will always be crackable, good hash function or not, but strong passwords together with a secure hash 'should' be uncrackable. However if your home brewed hash function does not stand up to cryptanalysis then no matter how secure a password is it will always be crackable.
So I suppose home brewed make weak passwords slightly better in that there is added effort on behalf of the cracker to circumvent them, but it can also render strong passwords equally bad as the weak.