Fix typo

Jane-QinJ · Aug 22, 2018 · a7fdf60 · a7fdf60
1 parent 360a2af
commit a7fdf60
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/Safety/safety-cn.md b/Safety/safety-cn.md
@@ -156,7 +156,7 @@ console.log(html);
 
 ```js
 // 加盐也就是给原密码添加字符串，增加原密码长度
-sha256(sha1(md5(salt + password + slat)))
+sha256(sha1(md5(salt + password + salt)))
 ```
 
 但是加盐并不能阻止别人盗取账号，只能确保即使数据库泄露，也不会暴露用户的真实密码。一旦攻击者得到了用户的账号，可以通过暴力破解的方式破解密码。对于这种情况，通常使用验证码增加延时或者限制尝试次数的方式。并且一旦用户输入了错误的密码，也不能直接提示用户输错密码，而应该提示账号或密码错误。
diff --git a/Safety/safety-en.md b/Safety/safety-en.md
@@ -158,7 +158,7 @@ It is often necessary to add a salt to the password and then encrypt it several
 
 ```js
 // Adding salt means adding a string to the original password and increasing the length of the original password.
-sha256(sha1(md5(salt + password + slat)))
+sha256(sha1(md5(salt + password + salt)))
 ```
 
 But adding salt does not prevent others from stealing accounts. It only ensures that even if the database is compromised, the user's real password will not be exposed. Once the attacker gets the user's account, the password can be cracked by brute force. In this case, a verification code is usually used to increase the delay or limit the number of attempts. And once the user enters the wrong password, the user cannot directly prompt the user to enter the wrong password, but should prompt the account or password to be incorrect.