• Majestic@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      I mean combined with any kind of function, even a trivial kind. A salt derived from some machine state data (a random install id generated on install, a hash of computer name, etc) plus a rot13 or something would still be better than leaving it plaintext.

      • uis@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        Malware has access to it.

        If fs is not encrypted, then malicious hardware(FSB agent’s laptop) also has access to it. If encrypted, then it we are back to statement many people told here about encrypting fs.

        plus a rot13

        That’s not salting.