Do Not Encrypt Passwords - Why, You Ask?

Thursday, January 12, 2012

Encrypting passwords is bad. Try hashing them with a little bit of salt on top.

Confused about the terminology - maybe I can clear your confusion with the use of a shoe, a box and a pen & paper...

 

Don't forget to like the video if it has been of any use to you. As always, I'm easy to stalk:

J4vv4D.com
@J4vv4D
Facebook.com/J4vv4D
youtube.com/infoseccynic

Possibly Related Articles:
16299
General
Information Security
Encryption Passwords Authentication Storage Access Control Network Security Hashing Javvad Malik
Post Rating I Like this!
Default-avatar
Ross Macdonald Why bother with passwords in the first place ? They are a relic of a bygone era. They are easy to steal and hard to remember. My post on this: http://rossmac2310.blogspot.com/2012/01/end-of-passwords.html
thanks
Ross
1326445699
99edc1997453f90eb5ac1430fd9a7c61
Javvad Malik :) that could end up a long discussion indeed Ross.

However, we are where we are with passwords being prevalent to authenticate users. The intent of the video was to clarify common misconceptions around how an application should store the passwords as many people get confused around the commonly used terms.
1326448818