Block SQL Injection

Edho P Arief edhoprima at
Thu Apr 21 07:40:42 MSD 2011

On Thu, Apr 21, 2011 at 8:36 AM, Cliff Wells <cliff at> wrote:
> Easy. What data does your database store? Quite probably usernames and
> passwords. A fundamental truth is that people often use the same
> passwords for multiple services. If you can obtain the password for a
> company's CMS or Webmail application, chances are you now have their
> password for multiple services.

There is a good reason why bcrypt is recommended as password hashing method.

More information about the nginx mailing list