Don't encrypt passwords
Loading...
Uploaded by InfosecCynic on Jan 11, 2012
Encryption passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper.
Don't forget to like the video if its been of any use to you.
As always, I'm easy to stalk.
www.J4vv4D.com
Facebook.com/J4vv4D
twitter: @J4vv4D
youtube.com/infoseccynic
- 51 likes, 1 dislikes
-
Uploader Comments (InfosecCynic)
All Comments (12)
-
ok buddy, salt is only a method of encrypting weak sha's, u got it!
-
haha "old and busted, shiny hotness"... nice MIB II reference. haha great vid, I always used md5 instead of sha. Is that okay?
-
Nice Analogy. Thanks for putting this together.
-
@tdmfhk1 You issue them a new one
-
We learnt all about salted base64 encryption at Shmoocon, ask Kevin Johnson for more info :)
-
Good Vid. One thing though, I wouldn't recommend using SHA-1/2/256 really for password hashing. A better bet would be bcrypt or scrpyt or PBKDF2 all of which are specifically designed for passwords.
-
@tdmfhk1 Sucks to be him?
-
Very "clever" and if the user forget his password?
- 4:47
How not to get hired for a security jobby InfosecCynic2,687 views
- 2:15
Backtrack 5 Wireless pen testing: Book Reviewby InfosecCynic1,768 views
- 1:46
Benefits of being a CISSPby InfosecCynic7,512 views
- 1:08
Input Validationby InfosecCynic585 views
- 32:51
Top 30 Best Cydia IOS5 2012 Apps Tweaks of ALL TIME | iPhone, iPod Touch, iPad- iOS 5/5.0.1by applecritics213,894 views
- 1:27
risk managementby InfosecCynic736 views
- 4:03
Bypassing Security on Encrypted Drivesby LucidPort262 views
- 11:47
Backtrack 5 R1 , Metasploit and Stolen Tokens in Active Directory (AD) Domainby TokenDie1,175 views
- 1:33
Secure Notepad to Encrypt Textby joikulp799 views
- 8:45
Risk Managementby ArcherTechnologies9,846 views
- 2:52
Encrypt uTorrentby MuzicRocker3,260 views
- 14:07
Episode 41 : Encryption and Dropboxby zedaxis1981217 views
- 2:10
How does internet security workby nRkQzzL911,665 views
- 6:32
PHP Security (Part 1 - Encrypting Passwords)by shanetalbert3,268 views
- 3:43
Secore.infoby InfosecCynic599 views
- 6:08
Limit the access to a web page using .htaccessby TechfulTuts2,551 views
- 7:29
Facebook Hacker v1.8 (Torrent Download)by TopBoyTheMrJay1816 views
- 1:55
Five Best Free Encryption Toolsby AllAboutDataRecovery858 views
- 9:57
Full Disk Encryption with TrueCryptby thesourcecomputing42,521 views
- 5:59
Como Ativar o AutoCAD 2012by MyDofinho39,848 views
Hey bud u can easily rebuild a sha or dmd5 with a rainbow table!. ur a cissp?
theoriginalfatdonkey 6 days ago
@theoriginalfatdonkey yes, you can, hence the addition of the salt. I learnt all of that in my CISSP (not really)
InfosecCynic 6 days ago