Comments on: Why passwords should be hashed http://security.blogoverflow.com/2011/11/why-passwords-should-be-hashed/ The Security Stack Exchange Blog Sat, 06 Feb 2016 05:11:22 +0000 hourly 1 https://wordpress.org/?v=4.5.6 By: How to securely hash passwords? | XL-UAT http://security.blogoverflow.com/2011/11/why-passwords-should-be-hashed/#comment-488496 Sat, 28 Feb 2015 16:06:28 +0000 http://security.blogoverflow.com/?p=426#comment-488496 […] hard disk, an aftermath of a SQL injection attack — the possibilities are numerous). See this blog post for a detailed […]

]]> By: roryalsop http://security.blogoverflow.com/2011/11/why-passwords-should-be-hashed/#comment-304 Wed, 07 Dec 2011 13:55:56 +0000 http://security.blogoverflow.com/?p=426#comment-304 Michael – that is explicitly stated in the post “…In full details, the hashing process should include a per-password random salt (stored along the hashed value) and be appropriately slow (through thousands or millions of nested iterations), but that’s not the subject of this post. Just use bcrypt”

I do like your “use bcrypt” post though 🙂

]]> By: Michael http://security.blogoverflow.com/2011/11/why-passwords-should-be-hashed/#comment-218 Tue, 08 Nov 2011 18:04:19 +0000 http://security.blogoverflow.com/?p=426#comment-218 You should read this article. Hashing alone is not going to cut it. You have to slow down the operations with something like bcrypt.

http://codahale.com/how-to-safely-store-a-password/

]]>