This is Dcaunt's Typepad Profile.
Join Typepad and start following Dcaunt's activity
Join Now!
Already a member? Sign In
Recent Activity
Great article, all of which I agree with. I'm more than happy to use Twitter to trivial logins, and I'll stick to a unique password for each of my bank accounts. It is safer and it is more convenient. With regard to point 1, and this may not be correct, I believe that both the full database and the source code were compromised. If this is the case, then salts are of little use. I do advocate the use of both a database-stored salt and an application (source code) salt, however, so that if the database is compromised, password hashes (with their salts) are still secure. In the case of Gawker too many mistakes were made.
Toggle Commented Dec 14, 2010 on The Dirty Truth About Web Passwords at Coding Horror
Dcaunt is now following The Typepad Team
Dec 14, 2010