Do Not Encrypt Passwords - Why, You Ask?

January 12, 2012

Encrypting passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper...

Comments  (2)


Hacker Halted: Moxie Marlinspike on SSL Authenticity

November 01, 2011

An in-depth examination of the current problems with authenticity in SSL, some of the recent high-profile SSL infrastructure attacks in detail, and some strategies to definitively fix the disintegrating trust relationships at the core of this fundamental protocol...

Comments  (1)


Black Hat USA 2011: Jeff Hudson - CEO - Venafi

August 09, 2011

While encryption was once used almost exclusively to protect information using SSL certificates and symmetric and asymmetric keys to scramble data, now it is also used in authentication mechanisms to confirm the identity of a user or a device, and for digital signing to protect data...

Comments  (0)