Dark Reading

Moving Away From Rash Hashing Decisions

The past few years have been a bonanza for password breaches as poor deployment or nonexistent encryption practices combined with database and Web application vulnerabilities to SQL injection continue ...
Ars Technica

password hashes vs. user password advise

Mods, I'm not sure if this is the best forum to ask, so feel free to move to the best suited forum. At work, we are moving a CRM to a hosted solution. I haven't been much involved in the selection ...
Krebs on Security

Forced Password Reset? Check Your Assumptions

Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password. Further investigation almost invariably ...
Threat Post

Cryptographers Aim to Find New Password Hashing Algorithm

Passwords are the keys to our online identities, and as a result, they’re also near the top of the target list for attackers. There have been countless breaches in the last few years in which ...