Researchers asked 43 freelance developers to code the user registration for a web app and assessed how they implemented password storage. 26 devs initially chose to leave passwords as plaintext.

Those devs were then asked to rewrite their code to 'store passwords securely.' Overall, here are the methods of password storage chosen by the developers:
10 - MD5
8 - Base64
7 - Bcrypt
5 - SHA-256
5 - PBKDF2
3 - AES
3 - 3DES
1 - SHA-1
1 - HMAC/SHA1

twitter.com/PwdRsch/status/110
