I’ve been spending some time recently combing through the old Matasano Blog Catacombs and blowing the dust off years old tomes. It’s been amazing to see how much information from years ago is still relevant today. Case in point: “Enough With the Rainbow Tables: What You Need to Know About Secure Password Schemes” by Thomas Ptacek. In that post, Tom discusses the fascination with Rainbow Tables, and gives some solid guidelines on secure password storage. He goes on to explain why the focus on rainbow tables is flawed and risks missing the true threat. If you haven’t read it, go read it now. I’ll wait.
Back? Okay, good. Now I’d like to expand on what’s changed since that post, and why its message is still relevant today.
more here........http://chargen.matasano.com/chargen/2015/3/26/enough-with-the-salts-updates-on-secure-password-schemes.html
Back? Okay, good. Now I’d like to expand on what’s changed since that post, and why its message is still relevant today.
more here........http://chargen.matasano.com/chargen/2015/3/26/enough-with-the-salts-updates-on-secure-password-schemes.html