Do Not Encrypt Passwords - Why, You Ask?

Thursday, January 12, 2012

Encrypting passwords is bad. Try hashing them with a little bit of salt on top.

Confused about the terminology - maybe I can clear your confusion with the use of a shoe, a box and a pen & paper...

Don't forget to like the video if it has been of any use to you. As always, I'm easy to stalk:

J4vv4D.com
@J4vv4D
Facebook.com/J4vv4D
youtube.com/infoseccynic

Views:	7643
Categories:	General
Industries:	Information Security
Tags:	Encryption Passwords Authentication Storage Access Control Network Security Hashing Javvad Malik

Post Rating I Like this!

Comments:

Ross Macdonald Why bother with passwords in the first place ? They are a relic of a bygone era. They are easy to steal and hard to remember. My post on this: http://rossmac2310.blogspot.com/2012/01/end-of-passwords.html
thanks
Ross

1326445699

Javvad Malik :) that could end up a long discussion indeed Ross.

However, we are where we are with passwords being prevalent to authenticate users. The intent of the video was to clarify common misconceptions around how an application should store the passwords as many people get confused around the commonly used terms.

1326448818

You Must Register or Login to Comment

Most Liked

Latest Member Comments

"Android is always preferable over any OS, very much flexible. Waiting for it's desktop popularity... http://www.doctorbrakes.com"

Steps Toward Weaponizing the Android Platfor... Freid Jerome on 05-17-2013

"http://www.lovewigs88.com"

Is BYOD a Nightmare for IT Security or a Dre... Sasa Miss on 05-16-2013

"http://www.wighair.co.uk/"

FTC Seeks Comment on Proposed Revisions to C... Sasa Miss on 05-16-2013

"http://www.lovewigs88.com"

How to Protect Your Privacy from Facebook's ... Sasa Miss on 05-16-2013