tag:blogger.com,1999:blog-684183198890094283.post3629693816014812671..comments2023-11-05T06:12:59.718-05:00Comments on S.Lott-Software Architect: Password Encryption -- Short Answer: Don't.S.Lotthttp://www.blogger.com/profile/06337323642834330176noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-684183198890094283.post-7139049183297438392013-03-19T19:34:23.846-04:002013-03-19T19:34:23.846-04:00"In most cases, HTTPS is used to encrypt at t..."In most cases, HTTPS is used to encrypt at the socket layer. This means that Basic Authentication is all that's required"<br /><br />seems pretty clear.Paul Anthony McGowanhttps://www.blogger.com/profile/16708597231635158618noreply@blogger.comtag:blogger.com,1999:blog-684183198890094283.post-87134744013182515152013-01-03T03:11:22.404-05:002013-01-03T03:11:22.404-05:00Fine, we get the message, "Don't encrypt ...Fine, we get the message, "Don't encrypt passwords. Ever."<br /><br />But I don't see why (or why not). This blog post doesn't seem to explain anything.Anonymoushttps://www.blogger.com/profile/02123466026049557768noreply@blogger.comtag:blogger.com,1999:blog-684183198890094283.post-81166994739145149632012-08-30T07:18:19.719-04:002012-08-30T07:18:19.719-04:00No. "Don't encrypt passwords. Ever.&quo...No. "Don't encrypt passwords. Ever." It seems clear.<br /><br />Not in a database. Not anywhere. Never use a reversible encryption.<br /><br />How many different ways would you like me to repeat it?S.Lotthttps://www.blogger.com/profile/06337323642834330176noreply@blogger.comtag:blogger.com,1999:blog-684183198890094283.post-69026940043735751242012-08-29T06:36:40.972-04:002012-08-29T06:36:40.972-04:00hello!
Not even in the database?hello!<br />Not even in the database?cubyhttps://www.blogger.com/profile/09660168512809999334noreply@blogger.com