Reply to post: Re: Pass the salt...

Bombshell discovery: When it comes to passwords, the smarter students have it figured

jvroig

Re: Pass the salt...

Hello, anothercynic.

No, we haven't really been using that. The entire research activity that produced this paper (and the more expansive paper currently under conference consideration and peer review) has mostly been centered around matching with Troy Hunt's breach corpus and the NIST "match-against-bad-passwords" guideline.

We'll definitely consider looking into having that included in the design of follow-up experiments.

I'm very glad this Register article attracted a fellow security researcher. I hope reading the paper itself gave you some new insights into your own job, as your comment here has given us an interesting thing to consider for our future ones! [science++]

Regards,

-JV

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019