[Owasp-leaders] Stepping through password hashing options

Michael Coates michael.coates at owasp.org
Sun Jun 10 17:04:48 UTC 2012


A nice post from one of the web dev managers here at Mozilla.  I'm interested to hear people's thoughts on the final option or any stories on other approaches.

The key item is blending the benefits of hashing / time requirements with a practical approach to minimize the impact of most common theft vector (sql injection)

http://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/




-------
Michael Coates | OWASP
michael.coates at owasp.org | @_mwc





More information about the OWASP-Leaders mailing list