Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Encrypted password storage

1,176 views

Published on

IVT Tech Talk by Jonathan Oxer in November 2007. Covers use of hashed passwords in web applications and outlines a method to progressively migrate from plain-text to hashed storage. More information at http://jon.oxer.com.au/talks/id/90

Published in: Technology, Business
  • Be the first to comment

Encrypted password storage

  1. 1. Secure Password Storage in SiteBuilder Jonathan Oxer <jon></jon>@ivt.com.au> November 1st, 2007 Internet Vision Technologies Melbourne, Victoria, AU
  2. 2. 18cf7f57ff36142a4 73acdce6e602b03 Jonathan Oxer <jon></jon>@ivt.com.au> November 1st, 2007 Internet Vision Technologies Melbourne, Victoria, AU
  3. 3. “We want to make you aware that media of ours that contained a backup of a portion of the reddit database was stolen recently. We wanted to alert you to the possibility that your username, password, and – in some cases – e-mail address may have been compromised.” Steve Huffman, reddit.com
  4. 4. Lesson for site owners: Don't store passwords in plain text
  5. 5. Do we really need to know user's passwords?

×