mashraqi

+1.408.FRANKMASH (408.372-6562)
[ This is my personal blog so all opinions expressed here are mine. I am a product, scalability, operations and monetization advisor and currently employed as Director of Business Operations & Technical Strategy for a top 50 website that delivers billions of page views per month. I was a keynote panelist for Scaling Up or Out keynote at MySQL Conference and speak regularly at conferences and user groups. ]
Farhan "Frank" Mashraqi

Thursday, May 15, 2008

Secure Passwords: Breaking a Cryptographic Product

For years, I have said that the easiest way to break a cryptographic product is almost never by breaking the algorithm, that almost invariably there is a programming error that allows you to bypass the mathematics and break the product. A similar thing is going on here. The easiest way to guess a password isn't to guess it at all, but to exploit the inherent insecurity in the underlying operating system. - "Secure Passwords Keep You Safer" by Bruce Schneier

Maybe now is the time to ditch that insecure operating system?

On a related note, it's amazing to me how many people use insecure passwords and then repeat those passwords for every site they are a member of. Worse, I can't understand sites that still keep passwords in plain text format.


    © 2006 The Mashraqi's.