Comment Re:Hard to know where to begin (Score 4, Informative)
Online systems today are unconscionably fragile and prone to vulnerabilities.
They are too complex. And the tools used and components from which they are built are often not sufficiently audited for security.
Here is an example: one of the most popular software libraries used today for encrypted logins, called "bcrypt", went for years without being thoroughly audited by cryptographers.
In fact, the authors stated that "we hope" the additional key-generation rounds they implemented in order to slow down its operation did not introduce new vulnerabilities.
And it was reasonable to think so, considering the way it was built. But hope and thinking so just don't cut it when it comes to cryptography.
In fact, I'm still not sure whether bcrypt has, in fact, been thoroughly cryptographically audited.