Over the past few years, I have given a talk on Cryptography Pitfalls at a variety of conferences. One section of the talk covers the evolution of password storage and the various data breaches the last few years. In addition to covering the ways password storage has been done wrong, I also present the best solutions. Instead of recapping it again, take a look at Coda Hale’s blog post on the topic.
We’ve all seen the tense scene in a war movie where the order has come down to launch the nuclear missiles. The captain and his first officer each take out a special key they’ve had around their neck the whole time. Then they both insert their individual keys into the weapons computer and turn simultaneously. Despite being a popular motif, this is a real policy implemented by many military organizations, including the U.S. Air Force. Once you think about it this kind of policy is obvious, one person shouldn’t be able to launch nuclear weapons on their own. Trustworthy is like having a two-man rule for your data.