Confusing text
rdivyanshu opened this issue · 2 comments
Hi @lvh, first of all thanks for writing this book.
I found this text confusing.
Perhaps the biggest problem with salts is that many programmers were suddenly convinced they were doing the right thing. They’d heard of broken password storage schemes, and they knew what to do instead, so they ignored all talk about how a password database could be compromised. They weren’t the ones storing passwords in plaintext, or forgetting to salt their hashes, or re-using salts for different users. It was all of those other people that didn't know what they were doing that had those problems. Unfortunately, that’s not true. Perhaps that’s why broken password storage schemes are still the norm.
It reads more like rant than providing useful information. Maybe this text can be written in direct way.
Thanks again for writing enjoyable introduction to cryptography
How would you like me to phrase it? I have seen that precise thing happen numerous times and yes, it's pretty frustrating.
On second thought, it seems ok. But It would be great if next paragraph it included examples of broken password storage despite doing all this and ignoring advices.