Many timing attacks are viable in web applications. But there aren't timing atta... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on June 6, 2012 \| parent \| context \| favorite \| on: Storing Passwords Securely Many timing attacks are viable in web applications. But there aren't timing attacks against password hash comparisons, for obvious reasons.

pmylund on June 6, 2012 [–]

You're right. That was an unfortunate choice of words.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact