Skip to main content

John Downey

Category: security

Don't wait to fix your password storage

Over the past few years, I have given a talk on Cryptography Pitfalls at a variety of conferences. One section of the talk covers the evolution of password storage and the various data breaches the last few years. In addition to covering the ways password storage has been done wrong, I also present the best solutions. Instead of recapping it again, take a look at Coda Hale’s blog post on the topic.

Introducing Trustworthy

We’ve all seen the tense scene in a war movie where the order has come down to launch the nuclear missiles. The captain and his first officer each take out a special key they’ve had around their neck the whole time. Then they both insert their individual keys into the weapons computer and turn simultaneously. Despite being a popular motif, this is a real policy implemented by many military organizations, including the U.