Cisco has issued a security advisory revealing that it mis-coded the implementation of a new password hashing algorithm. Its “Type 4” password implementation was supposed to salt passwords and then run them through 1,000 iterations of SHA-256 for storage, following the Password-Based Key Derivation Function (PBKDF) version 2 …
So we've all got weak passwords stored in newer Cisco kit and they expect us to "gradually migrate to the new password type"? Jeez, thanks Mr Security!
- Asteroid's DINO KILLING SPREE just bad luck – boffins
- Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
- Stick a 4K in them: Super high-res TVs are DONE
- BEST BATTERY EVER: All lithium, all the time, plus a dash of carbon nano-stuff
- Review You didn't get the MeMO? Asus Pad 7 Android tab is ... not bad