security – passwordhash question.
As I have understood hashing a password (one way cryptation), which is used in wordpress, has a set number of possible hashes. Say 5000 different hashes.
If I have understood this correctly (which I may not) isn’t this a security risk? if anyone bruteforce the admin account, after 5000 tries they could have put in a some word that generates exactly the same hash as the adminpassword, and therefore be granted access.
- The topic ‘security – passwordhash question.’ is closed to new replies.