Security!
Why are there still systems out there that does this:
If you develop systems that require any form of authentication and you need to store passwords. Do not encrypt your passwords, hash them. Preferably use bcrypt (http://codahale.com/how-to-safely-store-a-password/).
And some additional links: http://www.codinghorror.com/blog/2012/04/speed-hashing.html, http://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage/6415#6415
And this:
If you develop systems that require any form of authentication and you need to store passwords. Do not encrypt your passwords, hash them. Preferably use bcrypt (http://codahale.com/how-to-safely-store-a-password/).
And some additional links: http://www.codinghorror.com/blog/2012/04/speed-hashing.html, http://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage/6415#6415
Comments