Sony Breach Highlights Secure Password Storage
Kanguru's own Matthew Losanno and Emmett Jorgensen contributed this article to Infosec Island outlining the importance of secure password storage. A few excerpts:
Essentially there are two versions to every password; the password that the user enters at the login screen, and the password stored on the website/server for authentication.
This, of course, begs the question; how secure is the location of the password stored for authentication?
As the recent Sony breach demonstrates, securely storing the password is just as, if not more, important than the strength of the password itself. In this article recently posted by CNET, Lulzsec, the group claiming responsibility for the most recent breach states, "This target gave us LOLs as it provided internal release dates of records, barcodes, sales reports, and plaintext Sony employee passwords."
Read the full article here.