SlideShare a Scribd company logo

Kieon secure passwords theory and practice 2011

Kieon
Kieon

Kieon company presentation on password security.

Technology
1 of 20
Safe Passwords – In theory & practice Akash Mahajan
Something to think about ,[object Object],[object Object],[object Object]
Something to think about ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Something to think about ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Protecting User Information ,[object Object],[object Object],[object Object]
Different ways to store passwords ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Hashing a password ,[object Object],[object Object]
Hashing a password ,[object Object],[object Object],[object Object],[object Object]
What is hashing? ,[object Object],[object Object],[object Object]
Crypto Hash Functions ,[object Object],[object Object],[object Object],[object Object],[object Object]
What are Rainbow Tables? ,[object Object],[object Object],[object Object],[object Object]
Project Rainbow Crack ,[object Object],[object Object],[object Object]
What is a salt? ,[object Object],[object Object],[object Object]
What is a salt? ,[object Object],[object Object]
Clear text password attacks ,[object Object],[object Object],[object Object],[object Object]
Hashed password; no salt attacks ,[object Object],[object Object],[object Object],[object Object],[object Object]
Hashed password; static salt attacks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Hashed password; dynamic salt attacks ,[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusion ,[object Object],[object Object],[object Object],[object Object]
Questions?

Recommended

Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practice
Akash Mahajan
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
IRJET Journal
 
Hashing
HashingHashing
Hashing
yashwantsingh122
 
Hash function
Hash function Hash function
Hash function
Salman Memon
 
Hash Function
Hash FunctionHash Function
Hash Function
stalin rijal
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authentication
Mohammed Adam
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
CheapSSLsecurity
 
Se
SeSe
Se
Kingg Ravi
 

Recommended

Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practice
Akash Mahajan
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
IRJET Journal
 
Hashing
HashingHashing
Hashing
yashwantsingh122
 
Hash function
Hash function Hash function
Hash function
Salman Memon
 
Hash Function
Hash FunctionHash Function
Hash Function
stalin rijal
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authentication
Mohammed Adam
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
CheapSSLsecurity
 
Se
SeSe
Se
Kingg Ravi
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash function
Mijanur Rahman Milon
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 
Enterprise Password Worst Practices
Enterprise Password Worst PracticesEnterprise Password Worst Practices
Enterprise Password Worst Practices
Imperva
 
Brute Force Attacks - Finding and Stopping them
Brute Force Attacks - Finding and Stopping themBrute Force Attacks - Finding and Stopping them
Brute Force Attacks - Finding and Stopping them
FlowTraq
 
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
DataStax Academy
 
SPCHS Construction for Expeditious Keyword Search in Cipher Text
SPCHS Construction for Expeditious Keyword Search in Cipher TextSPCHS Construction for Expeditious Keyword Search in Cipher Text
SPCHS Construction for Expeditious Keyword Search in Cipher Text
IJMTST Journal
 
Securing Mobile Data using Cryptography
Securing Mobile Data using CryptographySecuring Mobile Data using Cryptography
Securing Mobile Data using Cryptography
Eswar Publications
 
Password hashing, salting, bycrpt
Password hashing, salting, bycrptPassword hashing, salting, bycrpt
Password hashing, salting, bycrpt
Ahmad karawash
 
Proper passwordhashing
Proper passwordhashingProper passwordhashing
Proper passwordhashing
fangjiafu
 
Hashing
HashingHashing
Hashing
Hossain Md Shakhawat
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
SelectedPresentations
 
Securing PostgreSQL from External Attack
Securing PostgreSQL from External AttackSecuring PostgreSQL from External Attack
Securing PostgreSQL from External Attack
All Things Open
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
SelectedPresentations
 
Social Security Company Nexgate's Success Relies on Apache Cassandra
Social Security Company Nexgate's Success Relies on Apache CassandraSocial Security Company Nexgate's Success Relies on Apache Cassandra
Social Security Company Nexgate's Success Relies on Apache Cassandra
DataStax Academy
 
SHA-1 Collision Found - eSCan
SHA-1 Collision Found - eSCanSHA-1 Collision Found - eSCan
SHA-1 Collision Found - eSCan
MicroWorld Software Services Pvt Ltd
 
Information Gathering With Google
Information Gathering With GoogleInformation Gathering With Google
Information Gathering With Google
Zero Science Lab
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELK
Tripwire
 
Generating searchable public key ciphertexts with hidden structures for fast ...
Generating searchable public key ciphertexts with hidden structures for fast ...Generating searchable public key ciphertexts with hidden structures for fast ...
Generating searchable public key ciphertexts with hidden structures for fast ...
Pvrtechnologies Nellore
 
Cloud security best practices in AWS by: Ankit Giri
Cloud security best practices in AWS by: Ankit GiriCloud security best practices in AWS by: Ankit Giri
Cloud security best practices in AWS by: Ankit Giri
OWASP Delhi
 
NoSql Injection
NoSql InjectionNoSql Injection
NoSql Injection
NSConclave
 
Image web crawler
Image web crawlerImage web crawler
Image web crawler
dixitas
 
How Internet Search Engines work
How Internet Search Engines workHow Internet Search Engines work
How Internet Search Engines work
guestfc372f
 

More Related Content

What's hot

Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
DataStax Academy
 
SPCHS Construction for Expeditious Keyword Search in Cipher Text
SPCHS Construction for Expeditious Keyword Search in Cipher TextSPCHS Construction for Expeditious Keyword Search in Cipher Text
SPCHS Construction for Expeditious Keyword Search in Cipher Text
IJMTST Journal
 
Securing Mobile Data using Cryptography
Securing Mobile Data using CryptographySecuring Mobile Data using Cryptography
Securing Mobile Data using Cryptography
Eswar Publications
 
Proper passwordhashing
Proper passwordhashingProper passwordhashing
Proper passwordhashing
fangjiafu
 
Information Gathering With Google
Information Gathering With GoogleInformation Gathering With Google
Information Gathering With Google
Zero Science Lab
 

What's hot (20)

Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash function
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Enterprise Password Worst Practices
Enterprise Password Worst PracticesEnterprise Password Worst Practices
Enterprise Password Worst Practices
 
Brute Force Attacks - Finding and Stopping them
Brute Force Attacks - Finding and Stopping themBrute Force Attacks - Finding and Stopping them
Brute Force Attacks - Finding and Stopping them
 
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
Cassandra Summit 2014: Social Media Security Company Nexgate Relies on Cassan...
 
SPCHS Construction for Expeditious Keyword Search in Cipher Text
SPCHS Construction for Expeditious Keyword Search in Cipher TextSPCHS Construction for Expeditious Keyword Search in Cipher Text
SPCHS Construction for Expeditious Keyword Search in Cipher Text
 
Securing Mobile Data using Cryptography
Securing Mobile Data using CryptographySecuring Mobile Data using Cryptography
Securing Mobile Data using Cryptography
 
Password hashing, salting, bycrpt
Password hashing, salting, bycrptPassword hashing, salting, bycrpt
Password hashing, salting, bycrpt
 
Proper passwordhashing
Proper passwordhashingProper passwordhashing
Proper passwordhashing
 
Hashing
HashingHashing
Hashing
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
 
Securing PostgreSQL from External Attack
Securing PostgreSQL from External AttackSecuring PostgreSQL from External Attack
Securing PostgreSQL from External Attack
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
 
Social Security Company Nexgate's Success Relies on Apache Cassandra
Social Security Company Nexgate's Success Relies on Apache CassandraSocial Security Company Nexgate's Success Relies on Apache Cassandra
Social Security Company Nexgate's Success Relies on Apache Cassandra
 
SHA-1 Collision Found - eSCan
SHA-1 Collision Found - eSCanSHA-1 Collision Found - eSCan
SHA-1 Collision Found - eSCan
 
Information Gathering With Google
Information Gathering With GoogleInformation Gathering With Google
Information Gathering With Google
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELK
 
Generating searchable public key ciphertexts with hidden structures for fast ...
Generating searchable public key ciphertexts with hidden structures for fast ...Generating searchable public key ciphertexts with hidden structures for fast ...
Generating searchable public key ciphertexts with hidden structures for fast ...
 
Cloud security best practices in AWS by: Ankit Giri
Cloud security best practices in AWS by: Ankit GiriCloud security best practices in AWS by: Ankit Giri
Cloud security best practices in AWS by: Ankit Giri
 
NoSql Injection
NoSql InjectionNoSql Injection
NoSql Injection
 

Viewers also liked

How Internet Search Engines work
How Internet Search Engines workHow Internet Search Engines work
How Internet Search Engines work
guestfc372f
 

Viewers also liked (9)

Image web crawler
Image web crawlerImage web crawler
Image web crawler
 
How Internet Search Engines work
How Internet Search Engines workHow Internet Search Engines work
How Internet Search Engines work
 
Week10 Web Presentation
Week10 Web PresentationWeek10 Web Presentation
Week10 Web Presentation
 
Working of a Web Crawler
Working of a Web CrawlerWorking of a Web Crawler
Working of a Web Crawler
 
Web Crawling & Crawler
Web Crawling & CrawlerWeb Crawling & Crawler
Web Crawling & Crawler
 
The MD5 hashing algorithm
The MD5 hashing algorithmThe MD5 hashing algorithm
The MD5 hashing algorithm
 
Kali Linux - Falconer
Kali Linux - FalconerKali Linux - Falconer
Kali Linux - Falconer
 
Web crawler
Web crawlerWeb crawler
Web crawler
 
Web crawler
Web crawlerWeb crawler
Web crawler
 

Similar to Kieon secure passwords theory and practice 2011

Data Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network IdentityData Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network Identity
Antiy Labs
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
Iftach Ian Amit
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoid
Filip Šebesta
 

Similar to Kieon secure passwords theory and practice 2011 (20)

Hashing Considerations In Web Applications
Hashing Considerations In Web ApplicationsHashing Considerations In Web Applications
Hashing Considerations In Web Applications
 
Password Storage Explained
Password Storage ExplainedPassword Storage Explained
Password Storage Explained
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rds
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
 
Practical Cryptography and Security Concepts for Developers
Practical Cryptography and Security Concepts for DevelopersPractical Cryptography and Security Concepts for Developers
Practical Cryptography and Security Concepts for Developers
 
Data Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network IdentityData Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network Identity
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything else
 
TM112 Meeting12-Cryptography.pptx
TM112 Meeting12-Cryptography.pptxTM112 Meeting12-Cryptography.pptx
TM112 Meeting12-Cryptography.pptx
 
Getting authentication right
Getting authentication rightGetting authentication right
Getting authentication right
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in Applications
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
Password Cracking using dictionary attacks
Password Cracking using dictionary attacksPassword Cracking using dictionary attacks
Password Cracking using dictionary attacks
 
Hashes
HashesHashes
Hashes
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
"Crypto wallets security. For developers", Julia Potapenko
"Crypto wallets security. For developers", Julia Potapenko"Crypto wallets security. For developers", Julia Potapenko
"Crypto wallets security. For developers", Julia Potapenko
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force tools
 
Data encryption algorithm(edit)
Data encryption algorithm(edit)Data encryption algorithm(edit)
Data encryption algorithm(edit)
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoid
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoid
 
IRJET- Login System for Web: Session Management using BCRYPTJS
IRJET- Login System for Web: Session Management using BCRYPTJSIRJET- Login System for Web: Session Management using BCRYPTJS
IRJET- Login System for Web: Session Management using BCRYPTJS
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Kieon secure passwords theory and practice 2011