I was able to create a password, but on the forum login page the maximum length of the username accepted is only 25 characters (I assume username means email address in this case) and my email is address is longer. I edited the HTML to remove the limit, but the page now says "Incorrect username and/or password." My password is 35 characters long and includes special characters like "#`^~" maybe that's the problem?
**********
@Deterous, thanks for the quick reply, regarding HTTPS, besides the password sniffing, there are other considerations:
1. someone could edit the pages viewed to inject malicious javascript that can exploit a browser vulnerability
2. a less likely attack, but someone could edit a page and change the hashes displayed to the user, for example to get them to run a fake PC game ISO that is actually a virus, while making the user believe the disc is a legitimate copy
as for the hashes, what you say is correct and will probably be correct for some more years, maybe even decades, but eventually someone will be able to crack all 3 hashes and make a fake file with the same file size as well. since this database is meant to preserve games for the future, hashing with secure hashes now is a way to future-proof the database. there is also the issue that most emulators just rely on only one of the hashes, not all 3 + filesize when verifying a game, and if SHA-256 were used that would be ok. regarding your points about the time/compatibility:
1. calculating all those hashes would maybe only take 4 to 7 times longer than just the current hashes (maybe only twice as long for just adding SHA-256), which is done only once per dump, and the benefit is it secures the database. no one is required to calculate them if they don't want to (the website could show the little blue/green dots next to the additional hashes that have been added once/verified multiple times), but of course if you state that you are welcoming these new hashes, people would surely provide them. newer CPUs have hardware acceleration for all these newer hashes
2. the software that uses the hashes doesn't have to use hashes it isn't programmed to use (some emulators use only one of the hashes)
3. there could be 2 releases of the datfiles, one with all hashes up to SHA-256 that most people playing games can use, and one with all the future-proof hashes for people backing up the database/preserving games
what do you think? I prefer to post in the forum instead of discord/IRC