One-way Password Crypting Flaws

I was talking with a client and the topic of password crypting came up. From my background as a C coder, I have a few criteria for regarding a mechanism as safe. In this case we’ll just discuss things from the perspective of secure storage, and validation in an application. use a digital fingerprint […]

On Password Strength

XKCD (as usual) makes a very good point – this time about password strength, and I reckon it’s something app developers need to consider urgently. Geeks can debate the exact amount of entropy, but that’s not really the issue: insisting on mixed upper/lower and/or non-alpha and/or numerical components to a user password does not really […]

OSDC 2009 – call for papers reminder

The call for papers for OSDC 2009 is open until 30 June 2009; yes that’s only a few more days. Submit your abstract and do a talk at this fab conference! This is a grassroots-style conference designed by developers for developers. It covers Perl, Python, Ruby/Rails, PHP, Java/Grails and Open Source operating systems as well as some business […]