Slide Show: 10 Password Database Fails
Evernote's most recent password breach is the same refrain from a song the industry has been singing for a while -- check out some of the worst password cache compromises
Last week, online notetaking firm Evernote sent a password reset notice to all 50 million of its users after it discovered that hackers had breached internal account information databases to steal encrypted username and password combinations. Though the firm did put some level of cryptographic protection in place by using a salted MD5 hash, experts have criticized that as an easily brute-forced method of encryption and not nearly as effective as something like bcrypt, scrypt, or PBKDF2, which are designed to slow the number of automated guesses a hacker can make per second.
Free Research and Reports
- Big Data: Architecting Systems at Speed - E2 Conference Boston
- Secure your mobile applications in the new commerce era - Mobile Commerce World - Mobile Commerce World
- Learn how to move your broadband service to an All-IP network at TelcoVision (formerly TelcoTV) - TelcoVision
- Learn how to best integrate mobile commerce with your current systems -- Mobile Commerce World - Mobile Commerce World
- How to Choose a SaaS Vendor - E2 Conference Boston
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.