Feeds

back to article Cisco slip puts hardware at risk

Cisco has issued a security advisory revealing that it mis-coded the implementation of a new password hashing algorithm. Its “Type 4” password implementation was supposed to salt passwords and then run them through 1,000 iterations of SHA-256 for storage, following the Password-Based Key Derivation Function (PBKDF) version 2 …

COMMENTS

This topic is closed for new posts.
Facepalm

So we've all got weak passwords stored in newer Cisco kit and they expect us to "gradually migrate to the new password type"? Jeez, thanks Mr Security!

0
0
This topic is closed for new posts.