Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:not md5, bcrypt (Score 1) 259

Hi,

Well, the choice of algorithm is important. MD5 is a bad choice.

And yes you're right, if the password is weak, and the website provides no protection against brute force attacks over HTTP, then it remains a weak password. And resetting the password is a problem which has been mostly solved, you send the person a token by email or sms to their pre-validated account, with which they can create a new password.

Cheers

Hardware Hacking

Submission + - CCC Hackers hardhack DECT telephones (heise.de)

Sub Zero 992 writes: "Heise Security (article in German) is reporting that at this year's Chaos Communications Congress (25C3) researchers in Europe's dedected.org group have published an article (pdf) showing, using a PC-Card costing only EUR 23, how to eavesdrop on DECT transmissions. There are hundreds of millions of terminals, ranging from telephones, to electronic payment terminals, to door openers, using the DECT standard. Is this a security nightmare in the making?"

Slashdot Top Deals

"Free markets select for winning solutions." -- Eric S. Raymond

Working...