Posts Tagged ‘password guessing’

password hashingThe competition Password Hashing Competition (PHC) an attempt to identify new password hashing schemes to encourage engagement of reliable schemes for protecting passwords.

The current state of password protection is assessed as unacceptable – web-services often store user passwords in clear text or use unreliable methods of hashing, such as MD5 or SHA-1, for which effective methods of password guessing.

Of the standards forming password-based key is available only PBKDF2 (PKCS # 5, NIST SP 800-132), and of alternative implementations allocate only bcrypt and scrypt. These systems are not without drawbacks and in the community soar ideas for new methods of hashing, but these initiatives are scattered and random. The competition is intended to inspire PHC stakeholders and make their work popular and intelligent character. (more…)