14 DAY TRIAL // After the latest incidents involving the leakage of millions of passwords, many experts have rushed to teach users how to choose strong passwords.
John Graham-Cumming, the founder of Electric Cloud and the author of “The Geek Atlas”, has made something more interesting: an advisory that tells website owners how to make sure that the passwords they store in their databases remain secure even if they’re somehow stolen by hackers.
While most website store password hashes use SHA-1 or MD5, with or without salt, Graham-Cumming believes that they should be relying on something much more secure, such as bcyrpt or scrypt.
He describes his methods in 5 steps that shouldn’t be hard to comprehend, at least not for webmasters with basic mathematical skills. The expert claims that by applying the techniques he presents, the password database becomes more secure, preventing misuse in case it’s stolen.
Take a look at how to secure your database here.