ArrrrCamp 2014 - 680,000 Plaintext Passwords: An Open Source Love Story in Three Acts




Published on Nov 13, 2014

By T.J. Schuck
Fluffmuffin, peppercorn, gilligan — those are just a few of our users' plaintext passwords. I have 80,000 more, and it only took me 87 seconds to gather them from our customer database in a white-hat attack. In Act I of this talk, we'll cover the history of secure password storage, examine the hack, and mitigate the threat. Act II will address the difficulties of working on libraries with complicated external dependencies (like bcrypt-ruby, of which I'm now a maintainer). In Act III, we'll celebrate the power of global collaboration via OSS.



