public marks

PUBLIC MARKS from Spone with tags "best practices" & bcrypt

12 June 2012 12:45

Storing Passwords Securely

by 1 other
Time and time again you hear about a company having all of their users' passwords, or "password hashes", compromised, and often there's a press response including one or more prominent security researchers demonstrating how 1,000 users had the password "batman", and so on. It's surprising how often this happens considering we've had ways to do password authentication that don't expose users' passwords, or at least makes it significantly harder to crack them, for several decades.