Freelance Word Punk

[THIS SITE IS NO LONGER BEING UPDATED - IF YOU HAVE ENDED UP HERE YOU ARE IN THE WRONG PLACE, PLEASE CLICK WWW.HAPPYGEEK.COM TO VIEW NEW CONTENT BY DAVEY WINDER]

Saturday, May 17, 2014

Password 101 (part 1): hashes and salts

What a password isn't, or at least really shouldn't be, is some kind of secret word or phrase that is simply compared against a table of usernames in a login database. Such plaintext systems are about as secure as a chocolate padlock on a furnace door. Even a login system whereby those passwords are encrypted isn't much better, although many people assume they are safe as houses. Breaches across the years have proven how insecure any system which relies purely on reversible algorithm encryption really is.

Newer Post Older Post Home

Blog Archive

Co-founder of IT Security Thing Ltd, Davey Winder is a three time winner of the Information Security Journalist of the Year award (2006/2008/2010) and received the prestigious Enigma Award for his lifetime contribution to information security journalism in 2011.

Simple theme. Powered by Blogger.