Dark Reading

Safely Storing User Passwords: Hashing vs. Encrypting

Over the past several months, we've seen major breaches exposing numerous usernames and passwords. The eBay and Adobe breaches impacted millions of accounts. Snapchat was compromised. With every ...
Security Boulevard

The Complete Guide to Authentication Implementation for Modern Applications

A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, ...
PC World

‘Hash Hunters’ Web service cracks password hashes for bitcoins

A search for “Hash Hunters” turns up marijuana-themed t-shirts for sale. It also brings up a password-cracking outsourcing service, payable in bitcoin. Fearing data breaches, Web services often store ...
ZDNet

A quarter of major CMSs use outdated MD5 as the default password hashing scheme

Some of the projects that use MD5 as the default method for storing user passwords include WordPress, osCommerce, SuiteCRM, miniBB, SugarCRM, CMS Made Simple, MantisBT, Phorum, Observium, and X3cms.
Bleeping Computer

Pass-the-Hash Attacks and How to Prevent them in Windows Domains

In the movies, hackers typically enter a few keystrokes and gain access to entire networks in a matter of seconds. In the real world however, attackers often start out with nothing more than a ...