| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
Weak security architectures have led us into a world of
massive password breaches occurring at an alarming rate.
Infrastructure and application authentication systems continue to rely on credentials stored in databases. While there
are ways to mitigate risk to these systems, offline attacks
against accessed credentials have remained possible... until
today. Forget MD5. Forget SHA1. In fact, forget hashing
altogether. We can do it better using the strategic advantages
of the defensive perspective. The Ball and Chain password
storage mechanism has the power to halt offline attacks on
credentials for good. No more password breaches. No more
fear of being the next Stratfor/Adobe/Yahoo/etc. No more
CorrectHorseBatteryStaple. Let’s take back the internet.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast