21·
1 year agoThis is disturbingly accurate
TheCaconym [any]
- 0 Posts
- 2 Comments
Joined 4 years ago
Cake day: September 19th, 2020
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
While SHA1 might be considered problematic security-wise in terms of collision (using it for certs today would be very bad, for example), it is not problematic in terms of preimage attacks (even MD5 isn’t broken that way IIRC), which is what truly matters in the context of 2FA / TOTPs
As for “why not SHA256”, compatibility