Content-type: text/html Downes.ca ~ Stephen's Web ~ "Passwords are stored in plain text."

Stephen Downes

Knowledge, Learning, Community

A nice explanation of password hashing and salting, and a rather interesting set of responses from various academic services about the manner in which they store their passwords (or entrust third party services to manage them as GET requests, storing them in access logs for later retrieval and reuse). "To sum up," writes Eric Hellman, "adoption of up-to-date security practices is far from complete in the world of library databases. I hope that the laggards have improved since the submission date of this RFP (roughly a year ago) or at least have plans in place to get with the program." OLDaily hashes passwords and should probably salt them as well.

Today: 1 Total: 16 [Direct link] [Share]

Image from the website
View full size


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Dec 22, 2024 06:35 a.m.

Canadian Flag Creative Commons License.

Force:yes