1

I hashed the same password a lot of times (approximatively 1000 times) using the salted Linux MD5 format.

I want to know if it's easier to recover the clear password or not.

Is there something that can exploit these multiple applications of the hashing algorithm.

John Doe
  • 121
  • 2
  • 1
    You may find usefull information in [this question](https://security.stackexchange.com/questions/11205/what-is-the-problem-with-chain-hashing/).Basically, it does not cause harm, but it does not improve security either. You should consider using a proper password hashing function. – WhiteWinterWolf May 01 '15 at 09:29

1 Answers1

0

applying the same hash function several times makes the hashing process more computationally expensive. The benefit of this is that when other means of cracking the password hash fail (guessing, dictionary attacks, rainbow tables, etc.), and the attacker is forced into brute-force techniques, it takes them longer to try each password, simply because they have to apply the same hash function more often. So if one round of hashing would require one month of brute-forcing, applying it twelve times would increase the estimated time to a year.

https://softwareengineering.stackexchange.com/questions/115406/is-it-more-secure-to-hash-a-password-multiple-times

Community
  • 1
parmoon
  • 31
  • 5