A Basil Plant@lemmy.world to Cybersecurity - Memes@lemmy.world · 1 year agoYour password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */.lemmy.worldimagemessage-square60linkfedilinkarrow-up1398arrow-down17
arrow-up1391arrow-down1imageYour password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */.lemmy.worldA Basil Plant@lemmy.world to Cybersecurity - Memes@lemmy.world · 1 year agomessage-square60linkfedilink
minus-squareSemi-Hemi-Demigod@kbin.sociallinkfedilinkarrow-up19arrow-down2·1 year agoThey might be doing it in the DB query, but they’re definitely not sanitized beforehand.
minus-squareCrayonRosary@lemmy.worldlinkfedilinkarrow-up2·1 year agoSanitization has nothing to do with salting and hashing.
minus-squareSemi-Hemi-Demigod@kbin.sociallinkfedilinkarrow-up2·1 year agoIf you do the salting and hashing in a database query you need to sanitize the input before you use it or you open yourself to SQL injection. Databases have salting and hashing functions, after all
They might be doing it in the DB query, but they’re definitely not sanitized beforehand.
Sanitization has nothing to do with salting and hashing.
If you do the salting and hashing in a database query you need to sanitize the input before you use it or you open yourself to SQL injection.
Databases have salting and hashing functions, after all