Encryption vs. hashing: Learning from Adobe's password breach

Password Management and Policy

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • BYOI (bring your own identity)

    BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password is managed by a third party such as Facebook, Twitter, LinkedIn, Google+ or Amazon. 

  • John the Ripper

    John the Ripper is a popular free password cracking tool that combines several different cracking programs and runs in both brute force and dictionary attack modes. Originally developed for Unix-derived systems, the software is now available for most... 

  • password blacklist

    A password blacklist is a list of words disallowed as user passwords due to their commonplace use. Blacklists may also incorporate rules to prevent the use of common passwords with frequently-used modifications such as capital letters, standard subst... 

  • password entropy

    Password entropy is a measurement of how unpredictable a password is. Password entropy is based on the character set used (which is expansible by using lowercase, uppercase, numbers as well as symbols) as well as password length. Password entropy pre... 

  • onboarding and offboarding

    In identity management, onboarding is the addition of a new employee to an organization's identity and access management (IAM) system. The term is also used if an employee changes roles within the organization and is granted new or expanded access pr... 

  • war dialer

    A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem. 

  • TACACS (Terminal Access Controller Access Control System)

    TACACS (Terminal Access Controller Access Control System) is an older authentication protocol common to UNIX networks that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be... 

  • shadow password file

    In the Linux operating system, a shadow password file is a system file in which encryption user password are stored so that they aren't available to people who try to break into the system. 

  • session replay

    Session replay is a scheme a cracker uses to masquerade as an authorized user on an interactive Web site... (Continued) 

  • salt

    In password protection, salt is a random string of data used to modify a password hash.