
Presumably order numbers are easily guessable, so the md5 really offers no protection at all in this case and is no better than just using the order number.


And the thing is, even if they can't be guessed, it's only 999,999 calls to try every 6-digit possibility. And you'd only take 11 days if you were nice and paced yourself to 1 req/sec.
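Added example, not part of the thread and not any site's real code: a Python sketch of why an unkeyed md5 of the order number is no secret, next to two replacements a defender could use. The function names, the 32-byte server key and the choice of HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ORDER_DIGITS = 6  # the thread's case: 6-digit order numbers


def md5_token(order_number: int) -> str:
    """Weak scheme from the thread: token = md5(order number).
    No secret is involved, so anyone who knows or guesses the number
    can compute the same token offline."""
    return hashlib.md5(str(order_number).encode()).hexdigest()


def hmac_token(order_number: int, key: bytes) -> str:
    """Hardened variant (assumption): HMAC-SHA256 under a server-side key.
    Without the key, knowing the order number does not yield the token."""
    return hmac.new(key, str(order_number).encode(), hashlib.sha256).hexdigest()


def verify_hmac(order_number: int, token: str, key: bytes) -> bool:
    """Constant-time comparison of the presented token with the expected one."""
    return hmac.compare_digest(hmac_token(order_number, key), token)


def random_token() -> str:
    """Alternative (assumption): a 256-bit random token stored with the order,
    unrelated to the order number and drawn from a space of 2**256 values."""
    return secrets.token_urlsafe(32)


def candidate_space(digits: int = ORDER_DIGITS) -> int:
    """Distinct order numbers to cover: 1..999,999 for six digits."""
    return 10 ** digits - 1


def days_to_cover(rate_per_sec: float, digits: int = ORDER_DIGITS) -> float:
    """Time for the whole identifier space at a given request rate.
    Use it to size rate limits and alert thresholds on the lookup endpoint."""
    return candidate_space(digits) / rate_per_sec / 86400


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample key
    print("md5(123456)  :", md5_token(123456))
    print("hmac(123456) :", hmac_token(123456, key))
    print("space        :", candidate_space())
    print("days @1 req/s:", round(days_to_cover(1.0), 1))
```

Keying or randomising the token removes the offline computation; the lookup endpoint still needs authentication or rate limiting, since the 11-day figure depends only on the request rate.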



