Password Storage Cheat Sheet

From OWASP
Revision as of 01:08, 26 August 2011 by Jmanico (Talk | contribs)


ACTIVE WORK IN PROGRESS AUGUST 2011

Introduction

This article provides guidance on storing passwords in order to help prevent password theft.

Password Storage Rules

  1. Use a strong hash
    1. SHA
    2. bcrypt
  2. Salt
  3. Salt isolation
  4. Hash iteration

