This happens with every stream cipher, RC4, Chacha20, AES-CTR, but not hashes.
The problem with multiple hashing is that it doesn't change the odds of finding a collisions or make it more secure, it only makes it slow, which I think is just what Logan wanted out of it.
Although his implementation is pretty much equivalent to hashing the password with a huge salt, which is kind of wasteful.
Something similar to pbkdf2, would be the best here, since you can fine tune how slow you want it to run, without the need of 50 different salts.
I might give implementing pbkdf2 a shot later today.
Bcrypt would require implementing Blowfish in CC, which I can't be arsed to do, while pbkdf2 only requires hmac.
Edited by Anavrins, 25 April 2016 - 06:59 PM.