A new malware attack on SQL Server
Tencent Security has released a report (written in Chinese) describing a new malware attack by the name of “MrbMiner” on SQL Server instances exposed to the Internet… Read More »A new malware attack on SQL Server
Home »
passwords
What is a strong password anyway?
Background Fellow Microsoft MVP Troy Hunt (blog | Twitter) has been operating the website Have I Been Pwned (HIBP) for a number of years now. For… Read More »What is a strong password anyway?
When security and news collide
Behold! There’s a scary monster called skip‑2.0, announced by ESET: This backdoor targets MSSQL Server 11 and 12, allowing the attacker to connect stealthily to… Read More »When security and news collide
Convert legacy password storage without aggravating your users
In a previous post I wrote about storing password hashes in a database, which raises the question of how to convert an existing legacy password storage system… Read More »Convert legacy password storage without aggravating your users
How to really store a password in a database
Recently I wrote: Don’t store passwords in a database. I stand by this statement. I expected a lot of flak because I didn’t explain myself.… Read More »How to really store a password in a database
How to store a password in a database
Hello, and welcome to today’s class on storing passwords in a database. Don’t store passwords in a database. Thanks for attending. Photo by James Sutton… Read More »How to store a password in a database