Even though the current recommendation for storing passwords is the usage of a slow key derivation function such as Argon2, scrypt, PBKDF2 or bcrypt1, many websites still use the traditional hash(password + salt) method, with MD5, SHA-1 and SHA-256 being the most commonly used hash functions.
The SHA-1 hash of mySuperSecretPassword123 with the salt !8(L-_20hs is E5D0BEE0300BF17508CABA842084753685781907.
Assume an attacker would steal the salt and the first half of the hash, so E5D0BEE0300BF17508CA. We also assume that the attacker is aware that SHA-1 is being used and how the salt and the password are concatenated.
How difficult would it be for an attacker to recover the original password?
1 bcrypt technically isn’t a key derivation function, but for the purposes of this question it functions identically.
