Friday Sep 22

Posts Tagged ‘salt’

Jun
11/12
Is LinkedIn lying about their new password salting?
Last Updated on Monday, 11 June 2012 04:17
Written by jj
Monday, June 11th, 2012
Share

Wow, we’re a skeptical and paranoid bunch, aren’t we? I can’t blame the numerous security professionals that are making claims that LinkedIn is likely lying about their new password salting for added security. If you’re not a cryptography junkie, it may not make sense. I’ve been running things by several cryptography specialists and our security research friends as a sanity check too, but some of these claims are getting out of hand.

Is LinkedIn lying about implemented salts to secure user passwords? (more…)

Tags: , , ,   |  Posted under Crypto, Industry Insider  |  Comments  2 Comments
Jun
10/12
Correcting colleagues on LinkedIn salting and hashing details
Last Updated on Monday, 11 June 2012 04:24
Written by jj
Sunday, June 10th, 2012
Share

I’d like to note there are some articles out there with misinformation as to the salting and hashing methods and abilities of LinkedIn to retroactively fix the issue of unsalted passwords.

In one particular article at Computer World  a reference was cited as saying LinkedIn could not have implemented the salting feature with the already-created database of hashes, and that salting could only be implemented with the original password, when a user created or changed a password. (more…)

Tags: , , , ,   |  Posted under Crypto, Industry Insider  |  Comments  3 Comments

More Content

Find more of my content at
- Low Tech Hacking book
- Dark Reading
- Network Computing
- IANS
- SearchSecurity
- TechTarget

Get Social

RSSFacebookLinkedinYoutube

Subscribe

Enter your email address:

Delivered by FeedBurner

NetworkedBlogs