Saturday, October 6, 2007

Now add some pepper to your password


I previously wrote a post on password security based on Jeff Atwood's post explaining "Rainbow tables".
As it turns out, Jeff received feedback from cryptographer Thomas Ptacek pointing out some corrections to the strategy offered in the original post.

The most important idea was using a cryptographically secure password hash, meaning a hash that is expensive in processor time, unlike the common MD5.
One alternative is the Bcrypt algorithm, which has a C# implementation from Derek Slager.
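As an added example (not code from this post or from Derek Slager's Bcrypt port), here is the same idea in Python: a per-password salt plus a tunable work factor, so a precomputed table cannot cover all users and each guess costs the attacker real CPU time. It uses the standard library's PBKDF2-HMAC-SHA256 as a stand-in because bcrypt is not in the stdlib; all function names and the record format are my own.

```python
import base64
import hashlib
import hmac
import os
import time

def hash_password(password: str, cost: int = 14, salt: bytes = b"") -> str:
    """Return a self-describing record: pbkdf2_sha256$cost$salt_b64$hash_b64.

    cost is the log2 of the iteration count, mirroring bcrypt's work factor:
    each +1 doubles the per-guess cost for attacker and defender alike.
    """
    if not salt:
        salt = os.urandom(16)  # fresh per password: one table cannot cover all users
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 1 << cost)
    return "$".join([
        "pbkdf2_sha256",
        str(cost),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    ])

def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and cost, then compare in constant time."""
    try:
        scheme, cost, salt_b64, hash_b64 = record.split("$")
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(hash_b64)
        iterations = 1 << int(cost)
    except ValueError:  # malformed record (binascii.Error is a ValueError)
        return False
    if scheme != "pbkdf2_sha256":
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(actual, expected)

def unsalted_md5(password: str) -> str:
    """The scheme the post warns against: one fast hash, identical for equal passwords."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def seconds_per_guess(cost: int) -> float:
    """Rough wall-clock cost of one verification at the given work factor."""
    record = hash_password("benchmark", cost)
    start = time.perf_counter()
    verify_password("benchmark", record)
    return time.perf_counter() - start

if __name__ == "__main__":
    for c in (10, 14):
        print(f"cost={c}: {seconds_per_guess(c):.4f}s per guess")
    print("same MD5 for same password:", unsalted_md5("hunter2") == unsalted_md5("hunter2"))
    print("distinct records for same password:", hash_password("hunter2") != hash_password("hunter2"))
```

Raising the cost over time is a deployment decision: because the record carries its own cost, old records keep verifying and can be re-hashed at the new cost on the user's next successful login.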

(thanks to Kansir for the photo)
