Nice read, though I would like to add one link:
http://www.f-secure.com/weblog/archives/2095.html
And referenced from that, http://www.golubev.com/hashgpu.htm with the quote:
Recovery speed on ATI HD 5970 peaks at 5600M/s MD5 hashes and 2300M/s SHA1
hashes.
That means, 2,300,000,000 SHA
There are a lot of ideas and opinions, and a fair amount of confusion
floating around here. Please allow me to summarize the questions and
add my commentary:
1.) Should Django ship using SHA1 (with the current salt length or
even with more bits added)?
- I don't think so. SHA2 (256 or 512) is str
