[Owasp-manila] Stepping through password hashing options

Michael Dungog michael.dungog at owasp.org
Mon Jun 11 02:23:41 UTC 2012


A nice post from one of the web dev managers here at Mozilla.  I'm
interested to hear people's thoughts on the final option or any stories on
other approaches.

The key item is blending the benefits of hashing / time requirements with a
practical approach to minimize the impact of most common theft vector (sql
injection)

http://blog.mozilla.org/webdev/2012/06/08/lets-talk-about-password-storage/

-- 
Michael Dungog
*OWASP Manila Chapter Leader*
*https://www.owasp.org/index.php/Manila*
*michael.dungog at owasp.org*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-manila/attachments/20120611/36b0092c/attachment.html>


More information about the Owasp-manila mailing list