Does your website store account passwords correctly? Would you tell everyone on the Internet how you do it? Would you? I explain why you should and how to get an A+ grade from my Password Storage project.
This is a story of how the Password Storage project has convinced companies to publicly disclose their password storage practices and assigned each a grade based on how well they follow best practices of not just hashing but also disclosing the info.
If you know you need to up your hashing game, you can follow my article titled Upgrading existing password hashes that explains how to gracefully migrate passwords hashed with a legacy algorithm to a secure one.
Datum a pro koho
1. srpna 2019, All Things Auth Podcast