Passwords: salted, mixed, plain, and cracked

The password field is one data entry field I often fly past on my way to testing an application. But maybe I should slow down and spend more time on this essential field. After all, if I can access an application as another user, I may have found the most important defect in the application.

The password field has to be strong enough to provide security.

Salted passwords are passwords where random characters (the salt) are added to the user’s password before it is hashed and stored, to improve security. From a user’s perspective, there is no difference in creating or using the password field. The beauty and value of the salted password is the added protection provided to the user and the system. This blog entry provides the best explanation I’ve seen of salting.

Mixed passwords are passwords requiring a mix of alpha and numeric characters. Alternatively, the requirement might include mixed upper and lower case and allow special characters as well. The more characters accepted in the password field and the more varied the mix, the stronger the password. Take a look at how long your password might stand up to cracking. But better passwords are simply hard to remember.

I recently found a utility (and presented this in a lightning talk at CAST 2007) that’s been solving the memory headache for me. Password Safe is a free utility you can use to store your passwords. And yes, the safe is password protected with one of the strongest password requirements I’ve ever used.

Plain passwords are passwords that contain none of the variety that makes a password harder to crack. While most websites don’t allow plain passwords anymore, the greater security risk comes through the forgotten password email.

As I use passwords, I’m becoming increasingly mindful of stronger passwords. Here’s a password checking site to check the strength of a password. Or better, don’t test your specific password but test a password similar to the one you plan to use. The more I read about password cracking, the more I’m not being paranoid; I’m thinking preventatively – a topic I’ll be addressing at my presentation at EuroStar.
