Links for Today: Passwords

Today I am reviving an old blogging tradition of posting some interesting or useful links with little or no context. Today’s topic: Passwords. 4 fatal flaws in deterministic password managers Sync-less password managers are trending again, Tony Arcieri breaks down some reasons why they suck. NIST’s New Password Rules For developers: I pull this article… Continue reading Links for Today: Passwords

Rethinking Passwords

Made my first post over at the company blog. Thought it would only be appropriate to give it some link love over here. My thoughts on the future of password: Rethinking Passwords.

Assault on the Hash (or how to make secure your passwords)

In a recent episode of Build & Analyze Marco Armet (creator of Instapaper) explained that the standard practice of salting a hash is no longer a really good way to secure passwords. CPUs (and GPUs) are so fast that they can effectively guess your salt in a reasonable amount of time*. The solution, use bcrypt.… Continue reading Assault on the Hash (or how to make secure your passwords)