All categories

Posts in “Security”

pifts.exe

Tue, Mar 10, 2009
I just read about pifts.exe at a fellow Swedish blogger. It does look a little suspicious, but I am not convinced it is a cover up. All the threads I have seen mentioning pifts.exe at the Norton Forum site, before being deleted, has contained loads of junk. I might be a social attack against Norton.

Saving passwords

Sun, May 20, 2007
I am by no means a security guru, but can all you developers please end your stupid habit of saving passwords in clear text to the database. It makes my cry when I click ‘forgot password’ on a web site and get a mail with my old password in it. Make a hash out of the users password combined with a random value, called salt. Store the salt and the hash in the database.