Yahoo Login drops Salted Hashes

By Paladion

October 31, 2005

This morning Vinaya pointed out that Yahoo login is not using salted hashes now. Instead, all logins - both standard and secure - work over SSL.

All the old code for salted hashes is still strewn on the yahoo login page. It's just that the password hashes are not calculated any longer. Is this a bug? Or has Yahoo dropped the Salted Hash scheme for good? Watch this space for upcoming news :)

If you're wondering what's so special about salted hashes, you might want to check these earlier posts.

Tags: Uncategorized