Comment by spladug on 06/05/2019 at 18:20 UTC

24 upvotes, 3 direct replies (showing 3)

View submission: How to keep your Reddit account safe

View parent comment

They've been hashed with bcrypt for the past 7.5 years https://www.reddit.com/r/changelog/comments/lj0cb/reddit%5C_change%5C_passwords%5C_are%5C_now%5C_hashed%5C_with%5C_bcrypt/[1][2]

1: https://www.reddit.com/r/changelog/comments/lj0cb/reddit%5C_change%5C_passwords%5C_are%5C_now%5C_hashed%5C_with%5C_bcrypt/

2: https://www.reddit.com/r/changelog/comments/lj0cb/reddit_change_passwords_are_now_hashed_with_bcrypt/

The comment section in that thread goes into some of the ancient history from before that point.

Replies

Comment by Caninomancy at 06/05/2019 at 18:47 UTC

4 upvotes, 1 direct replies

Goddammit, i would've gotten away with all dem passwords, if it wasn't for that meddling best practice!

Comment by [deleted] at 07/05/2019 at 03:44 UTC

2 upvotes, 0 direct replies

Bcrypt? RIP your server farm when you generate millions of hashes from the sets of compromised passwords.

Comment by Official_Legacy at 06/05/2019 at 23:19 UTC

1 upvotes, 0 direct replies

Ah the good old time when the codebase was public.