Writing my newest post over at the BreachAlarm Blog led me to some pretty interesting and diverse corners of the web. Research on the subject of password hashing is plentiful and fascinating, and there’s enough information to make the average head spin.
With hackers and other computer criminals using ever-more sophisticated methods to get hold of user data, we’ve found ourselves in an arms race of password-storing technologies. While many sites still use plain-text – a high-profile example was Reddit back in 2007 – this humble way that website owners used to store passwords has mostly gone the way of the dinosaur.
My challenge in this article was to distil all of it into a single, accessible post. Do take a look!