[wp-hackers] Wordpress Cookie Authentication Vulnerability
Computer Guru
computerguru at neosmart.net
Thu Nov 22 03:29:31 GMT 2007
On 11/22/07, Otto <otto at ottodestruct.com> wrote:
>
> It seems like we have two different discussions going on here.
>
> 1. Password: If we were to use salt, we could prevent dictionary
> attacks. Great. Fine. Whatever. We get it, but that's not the
> vulnerability we're talking about here. Salt wouldn't fix this
> problem.
Unless you add a second salt after being hacked ;-)
(I know it's not feasible, just don't discount it completely!)
More information about the wp-hackers
mailing list