26 Oct
2021
26 Oct
'21
4 p.m.
On 10/26/21 21:28, Marek Zarychta wrote:
but I still believe that MD4 hash is more GDPR conformant than Cleartext-Password ;)
Basically the NT-Password-Hash is used as a shared secret in a challenge-response protocol. The hashing is just used as a key derivation function. => So you have to protect it just like a clear-text password. Ciao, Michael.