[LINK] Why passwords have never been weaker-an d crackers have never been stronger
Roger Clarke
Roger.Clarke at xamax.com.au
Sun Aug 26 13:41:34 AEST 2012
Kim Holburn <kim at holburn.net> wrote on Sun, 26 Aug 2012 11:08:46 +1000
>http://arstechnica.com/security/2012/08/passwords-under-assault/
> Why passwords have never been weaker-and crackers have never been
>stronger ...
At 12:39 +1000 26/8/12, Robin Whittle wrote:
>The article's first page doesn't state the following (it is on page 2):
>when someone gains root access or similar to a site, they can retrieve a
>file of password hashes ...
Thanks Kim and Robin! Nice timing for me, as I'm about to run a
segment of a 3rd-year CS unit on eCommerce security.
I've added it to the reading list, and updated my Passwords paper by
adding Password Risk No. 12:
http://www.rogerclarke.com/II/Passwords.html#PR
That paper's only had about 1200 real-person hits since I put it up
13 months ago. My hit rates have flattened out at 3 mill p.a.
(that's people plus spiders). It's not like the olden days of the
Web 1995-2008, when my hit-counts kept growing. (But then I've never
bothered with RSS, blogs, micro-blogs, social networking, approval
memes or any of the many other ways to pump up visits):
What Everyone Ought to Know About Passwords
http://www.rogerclarke.com/II/Passwords.html
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Faculty of Law University of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list