RESOURCES
National Institute of Standards and Technology (NIST)
Surprising New Password Guidelines from NIST, PasswordPing Ltd. ©2017The man who put us through password hell regrets everything, Swapna Krishna, EngadgetNIST’s new password rules – what you need to know, Chester Wisniewski, Naked SecurityShift in password strategy from NIST, Greg Masters, SC Media
Real-World Stories
Introducing 306 Million Freely Downloadable Pwned Passwords, troyhunt.comFormer St. Louis Cardinals Exec Gets Four-Year Prison Sentence for “Hacking” Astros' Database, Elliot Hannon, SlateFeds: Cardinals Hacker Probably Leaked To Deadspin As Revenge For Astros' Sports Illustrated Cover, Lindsey Adler, DeadspinSecurity! experts! slam! Yahoo! management! for! using! old! crypto!, Darren Pauli, The RegisterYahoo breach: I’ve closed my account because it used MD5 to hash my password, Mark Stockley, Naked SecurityWhy You Shouldn't Panic About Dropbox Leaking 68 Million Passwords, Thomas Fox-Brewster, Forbes51 Million iMesh Passwords Dumped Online, Paul Wagenseil, Tom's GuideHack Brief: Your Old Myspace Account Just Came Back to Haunt You, Brian Barrett, WiredCisco inadvertently weakens password encryption in its IOS operating system, Lucian Constantin, InforWorldMore Password Hashes to Crack – The Oil Company Edition, grecs, NoVA InfosecYahoo's password hack shows that it failed security 101, David Goldman, CNNHackers crack more than 60% of breached LinkedIn passwords, Jaikumar Vijayan, ComputerworldLinkedIn admits site hack, adds pinch of salt to passwords, Brid-Aine Parnell, The Register
Yahoo! Breach Updates
All 3 Billion Yahoo Accounts Were Affected by 2013 Attack, Nicole Perlroth, The New York TimesYahoo just said every single account was affected by 2013 attack — 3 billion in all, Todd Haselton, CNBCYahoo Triples Estimate of Breached Accounts to 3 Billion, Robert McMillan and Ryan Knutson, The Wall Street JournalYahoo says all 3 billion user accounts were impacted by 2013 security breach, Natt Garun, The VergeEvery single Yahoo account was hacked - 3 billion in all, Selena Larson, CNN Tech
Operating Systems
Understanding /etc/passwd File Format, Vivek Gite, nixCraftUnderstanding /etc/shadow file, Vivek Gite, nixCraftPasswords Technical Overview, Microsoft TechNet
Other
hashes.org/, an organization that attempts to reveal plain text of submitted hashes to evaluate security and help users recover forgotten passwords
转载于:https://www.cnblogs.com/sec875/articles/10015970.html
相关资源:password cracking
