Blogs about: Password Hashing
Featured Blog
SHA-512 w/ per User Salts is Not Enough
The real problem is that we shouldn’t be solely replying on hashing algorithms to secure this data. Once the salt is known, it would be pretty trivial to dictionary a bunch of hashes in little or no t… more →
Don McCaughey
Password Hashing In PHP
wrote 2 months ago: Password Hashing is one of the most used way of storing passwords in database. There are different w … more →
password_compat library
wrote 2 months ago: In PHP 5.5 we can expect these awesome password_ functions being implemented in the core, making pas … more →
What Evernote did correctly.
— 1 comment
wrote 2 months ago: Yesterday I wrote about a little about Evernote being hacked and how it was bad that I could not rem … more →
Initiative to develop new methods of password hashing
wrote 3 months ago: The competition Password Hashing Competition (PHC) an attempt to identify new password hashing schem … more →
Cryptography Competitions
wrote 3 months ago: Password Hashing Competition : The Password Hashing Competition (PHC) is an effort organized to ide … more →
SHA-512 w/ per User Salts is Not Enough
wrote 7 months ago: The real problem is that we shouldn’t be solely replying on hashing algorithms to secure this data. … more →
How To Safely Store A Password
wrote 9 months ago: Use bcrypt Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use b … more →
Salted Password Hashing - Doing it Right
wrote 10 months ago: The best way to protect passwords is to employ salted password hashing. This page will explain how t … more →
What Every Web Programmer Needs To Know About Security
wrote 11 months ago: From Google Code University. This submission contains slides that complement each of the chapters in … more →
Let’s talk about password storage
wrote 11 months ago: Neither of the two technologies is following any sort of modern industry standard and, if they were … more →
Why you should never use hash functions for message authentication
wrote 11 months ago: This morning I was reading an article on the Intridea blog about signed idempotent action links. The … more →
Storing Passwords Securely
wrote 11 months ago: Personally, I think it boils down to a fundamental misunderstanding about what cryptographic hash fu … more →
SSCC 79 - Smart meter privacy concerns, WiFi insecurity due to WPS and password hashes explained
— 1 comment
wrote 1 year ago: Paul Ducklin, Sophos’s Head of Technology, Asia Pacific, joined me for the first Chet Chat of … more →
Do any security experts recommend bcrypt for password storage?
wrote 1 year ago: However 11 years later, many are still using SHA2x with salt for storing password hashes and bcrypt … more →
Password validation bug in some implementations of bcrypt
wrote 1 year ago: Earlier today, while working on a test suite for John the Ripper, magnum discovered and reported wha … more →
Introduction to Strong Cryptography – p1.1 – Keyed Hashing, Hash Attacks, MACs, Shakespeare
wrote 1 year ago: This article is one of many in my Strong Cryptography series. Today we’ll dive into some deeper to s … more →
Easy method to encode password Using PHP
wrote 1 year ago: We are all used to using MD5() for generating hashes when saving passwords using php and mysql. But … more →
Use a Password Hasher to Generate More Secure Passwords
— 20 comments
wrote 2 years ago: The trouble with secure passwords is that they’re hard to remember, and you should really use … more →
Use a Password Hasher to Generate More Secure Passwords
— 19 comments
wrote 2 years ago: The trouble with secure passwords is that they’re hard to remember, and you should really use … more →
