Password Storage and Hashing

Anthony Ferrara (06.Oct.2012 at 10:40)
Talk at PHPNW12 (English - UK)

Rating: 5 of 5

Password Storage and Hashing

Who are you?

Claim talk

Talk claims have been moved to the new Joind.in site.

Please login to the new site to claim your talk

 
Comments closed.

Comments

Rating: 5 of 5

06.Oct.2012 at 16:32 by Martin de Keijzer (56 comments)

This talk was extremely useful, Anthony showed us the different types of encrypting passwords and how easy it can be to brute force them. The numbers were real eye-openers and PHP 5.5 will have some awesome features to create ways of securing passwords. I'm looking forward to seeing the full talk, it's the kind of hardcore stuff we developers love to work with.

Rating: 5 of 5

06.Oct.2012 at 17:21 by Ben Waine (57 comments)

Loved this talk. I was shocked at just how quickly passwords can be brute forced and grateful for instructions on how not to get caught out!

Rating: 5 of 5

06.Oct.2012 at 21:51 by Leigh (11 comments)

Been following the development of this API for a while, and was nice to see it presented in context by the author.

Really helpful and relevant examples that really drove home the point. Looking forward to evangelising this more come 5.5

Rating: 4 of 5

07.Oct.2012 at 09:09 by Mark Baker (120 comments)

Perhaps focused a bit too much on the speed with which different password hashes could be brute-forced attacked on different platforms, though it served as a good precursor to the recommendation to use the new password hashing functions recently added to the PHP core... however, I'd have liked to see a bit more about how the new functions work internally.

How we convince a million existing developers to upgrade and start using the new functions rather than their naive use of an unsalted md5 hash is an exercise for the future

Rating: 5 of 5

07.Oct.2012 at 10:27 by Kathryn Reeve (41 comments)

A great introduction on the best practices for password and a sneak peak of PHP5.5 functionality.

Speaker had good pace and handled questions well.

Rating: 5 of 5

10.Oct.2012 at 18:15 by Derek Kaye (10 comments)

A very useful talk. I was surprised at how weak md5+salt was. Also thanks for recording and uploading the video - now that I've spammed the link to my colleagues they have no excuse not to use bcrypt :D

As it's not been mentioned already, here is the video http://www.youtube.com/watch?v=eNdW5HWBhG0

© Joind.in 2019