|
|
| (15 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| This is a draft, resources which show that clear text pwd are a NO-GO no matter what the "specification sheet" tells you ;-)
| | Site re-work in progress... |
| | |
| == CISSP ==
| |
| Well, it's one of the CISSP questions, but let's have a closer look: <br>
| |
| * What is the BEST method of storing passwords for a system:
| |
| ** password-protected file
| |
| ** file restricted to one individual
| |
| ** one-way encrypted file
| |
| ** two-way encrypted file
| |
| | |
| Well, you may have guessed it already an one-way encrypted file is the correct answer. Of course there are other options so an encrypted password in the credential file works out well, too. <br> So if you're service provider keeps telling you that clear text password don't matter at all, that's a killer argument ;-)
| |
| | |
| | |
| == Books ==
| |
| Computer Security '''''Basics''''' <br> Rick Lehtinen, Deborah Russel & G.T. Gangemi Sr. ; ISBN-13: 978-0596006693 <br> Page 65-66
| |
| | |
| == CWE ==
| |
| https://cwe.mitre.org/data/definitions/256.html
| |
Latest revision as of 04:39, 27 August 2020
Site re-work in progress...