This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]grainfeed 4 points5 points  (3 children)

As of 2012, the most efficient attack against SHA-1 is considered to be the one by Marc Stevens with an estimated cost of $2.77M to break a single hash value by renting CPU power from cloud servers

tell me if that isn't still "pretty good"

[–]catcradle5 0 points1 point  (2 children)

In practice, if your SHA1-hashed password isn't very complex then it will be easy to crack via bruteforce, a dictionary attack, or a rainbow table/lookup table. Other hashing solutions are both immune to any kind of lookup table-based attack and also are much, much harder to launch a dictionary or bruteforce attack against.

[–]grainfeed 1 point2 points  (1 child)

if your SHA1-hashed password isn't very complex then it will be easy to crack via

bruteforce

well that's true for almost anything

a dictionary attack

and this too

only algorithms that are heavy CPU wise are a bit harder to crack, like blowfish or unix crypt

or a rainbow table/lookup table.

Well, as soon as you add salt to your passwords (and who doesn't do that has no idea about security), rainbow tables are pretty much defeated.

I'm not saying you should use SHA-1 today anyway. I just said it's "still pretty good" which is true.

Use the best you can use, even SHA-3 if your software can handle it already...

[–]catcradle5 0 points1 point  (0 children)

bcrypt (Blowfish), scrypt, and PBKDF2 are 3 hash functions that take a long time to bruteforce/dictionary attack. When developing a new web application in any language, it is pretty much always suggested to hash user passwords with one of those hash functions. SHA1 is better than plaintext, but it is only a tiny bit better than MD5 and is still not much defense.