June 2012

Storing Passwords Securely
Time and time again you hear about a company having all of their users' passwords, or "password hashes", compromised, and often there's a press response including one or more prominent security researchers demonstrating how 1,000 users had the password "batman", and so on. It's surprising how often this happens considering we've had ways to do password authentication that don't expose users' passwords, or at least makes it significantly harder to crack them, for several decades.
May 2012

How To Safely Store A Password | codahale.com
Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt. Use bcrypt.
March 2011

What You Need To Know About Secure Password Schemes
Matasano Security LLC - Chargen - Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes
1
(3 marks)