2017
Let them paste passwords - NCSC Site
by Spone
We think that stopping password pasting (or SPP) is a bad thing that reduces security. We think customers should be allowed to paste their passwords into forms, and that it improves security.
2014
Secure Salted Password Hashing - How to do it Properly
by Spone & 3 others, 2 comments
If you're a web developer, you've probably had to make a user account system. The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain how to do it properly.
2011
What You Need To Know About Secure Password Schemes
by jon123 (via)
Matasano Security LLC - Chargen - Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes
2010
2009
2008
2007
How to turn your blog in to an OpenID
by jagtech & 9 others (via)
Wouldn’t it be great if you could use the same account to log in to multiple sites and applications, without having to trust them all with your password? Wouldn’t it be even better if you could do this without having to hand ownership of your online identity over to some monolithic third party? (I’m looking at you, .NET Passport Microsoft Passport Windows Live ID.)
The good news is, you can! OpenID is a decentralised authentication system invented by LiveJournal but now being developed as an open standard under the careful mentorship of the Apache Software Foundation. Anyone can create an OpenID, and the number of sites which let you log in with one is growing by the day.
2006
2005
Security Guide for Windows - Random Password Generator
by abrazell & 1 other
nice tool for creating random passwords
