Threat Post

Cryptographers Aim to Find New Password Hashing Algorithm

Passwords are the keys to our online identities, and as a result, they’re also near the top of the target list for attackers. There have been countless breaches in the last few years in which ...
Ars Technica

Yes, “design flaw” in 1Password is a problem, just not for end users

Over the past 48 hours, Internet security forums have buzzed with news about a newly discovered technique that allows crackers to make an impressive 3 million guesses per second when trying to find ...
ZDNet

A quarter of major CMSs use outdated MD5 as the default password hashing scheme

Some of the projects that use MD5 as the default method for storing user passwords include WordPress, osCommerce, SuiteCRM, miniBB, SugarCRM, CMS Made Simple, MantisBT, Phorum, Observium, and X3cms.
Dark Reading

Safely Storing User Passwords: Hashing vs. Encrypting

Over the past several months, we've seen major breaches exposing numerous usernames and passwords. The eBay and Adobe breaches impacted millions of accounts. Snapchat was compromised. With every ...
ZDNet

Password site LastPass warns of data breach

Even LastPass, a cloud-based password security site, isn't immune to data breaches. The company's chief executive Joe Siegrist said in a blog post that account email addresses, password reminders, ...