Adobe Connect breach pops lid off 'Letmein' logins of gov, army types

A breach of Adobe's Connectusers.com forum database has once again exposed password security foibles, as well as website security shortcomings on Adobe's part. Adobe suspended the forum on Tuesday night in response to the hack, as previously reported. The software developer stressed in a statement that its Adobe Connect web …

This topic is closed for new posts.

Posted Friday 16th November 2012 10:18 GMT

Ledswinger

Forum users use insecure passwords?

Well I'll go to the bottom of our stairs.

Posted Friday 16th November 2012 11:50 GMT

Anonymous Coward

"Password hashes were not salted to guard against brute force cracking attacks"

John Leyden, you fail.

Salting hashes does not protect against brute-force.

It helps to make the use of rainbow tables more difficult should the entire database be compromised, as in this case.

Posted Friday 16th November 2012 11:55 GMT

edge_e

Adobe, Security issues,

Really?

Posted Friday 16th November 2012 15:00 GMT

artbristol

"MD5, a cryptographic hash function that's known to be insecure."

MD5's insecurities are nothing to do with its unsuitability for storing passwords; it's failing to salt the password (and to iterate the hash function to slow it down) that's the problem. And the quoted guy is a 'security researcher'?

This topic is closed for new posts.