Luke Sheppard's blog about information security, web development, and hacking 

Great discussion about passwords inside scripts

Here’s a link to a great discussion I started on Stack Exchange’s security site: How can I avoid putting the database password in a perl script? Here is the question

Read More…

 

Security Through Obscurity Is Widely Misunderstood

Pretty much any experienced hacker you talk to, whether an actual crook or a professional IT security researcher, will tell you that “Security Through Obscurity” is useless—at best a waste

Read More…

 

SQL Queries for Plaintext Passwords

  If you find yourself in a database that stores passwords in plaintext, this handful of SQL queries might help you get a picture of how weak the passwords are

Read More…

 

Password key space complexity versus password length

It is weird to think that a 7 character all lowercase password is better than a 5 character alphanumeric with punctuation: 95^5 = 7,737,809,375 26^7 = 8,031,810,176 The seven character

Read More…