Surprised not posted yet, but plenty of lessons to be learnt: http://www.codinghorror.com/blog/gawker-hack-release-notes.html
http://en.wikipedia.org/wiki/Salt_(cryptography)

See also http://www.reddit.com/r/programming/comments/ekpr3/gawkergizmodo_does_not_salt_their_passwords_uses/

Salt your passwords, I'm looking at you Drupal 6! :(

/me hypocrite

