09-05-2018, 06:48 PM
(09-05-2018, 11:07 AM)W13 Wrote:(09-04-2018, 11:36 AM)Wee Man Wrote: What password encryption does this version run on? Back in the day it used to be some crappy MD5+Salt variant which doesn't cut it in 2018.
I'm too lazy to check the code myself, so I posted a question on their forums: https://community.mybb.com/thread-219582.html
Anyways, as long as you're using unique passwords and non-easy-to-guess passwords, then the point of failure is rarely due to weak encryption. I've made sure the database and server are secure - and will continue to monitor this and continue to do so.
There's a modification for myBB to add encryption but I'm skeptical using a mod for this as it would surely break stuff in future updates, etc.
Oh that's the same as IPB 3. I'm encouraged by them saying that 1.9 and future updates will take care of the "out of touch" practices of 1.8.
As for the point of failure being encryption that's fairly true but with modern GPUs and the hashing on here it wouldn't be all that difficult to crack 9/10 character passwords and as much as we like to think users would use good password practices that wasn't the case for most database dumps.
![[Image: A2xdnTr.png]](http://i.imgur.com/A2xdnTr.png)
![[Image: X2LvGU2.png]](https://i.imgur.com/X2LvGU2.png)