There are several techniques used for storing passwords; some are very good, while some are downright terrible. Without mentioning the name of the organizations (for security purposes), I am, and have been associated with 2 groups that, without a doubt in my mind, store passwords in an extremely insecure manner. And of course, they’re not alone.
It is easy to spot an organization that stores passwords either completely unencrypted or encrypted using a method that allows for decryption easily. One method to spot this insecure behavior is the ability to “recover your password” without the need of resetting it. If you can recover your password, then someone else can easily access it as well (with the right tools). Another method is one to spot carefully… it’s not to fear when a company requires your password to be different from your previous X passwords, but when they also look for similarities and judge your password to be “too close”. This may come off as being a very secure tactic, when indeed it must mean that they are storing not just one, but several old passwords in a way that would make them, once again, an easy target.
So now we know some things to spot visibly that should throw up some caution flags. What else is there to know. There are methods of storing passwords that are more secure. For instance, storing a “hash” or checksum of a password using an irreversible, or one-way, algorithm is a good start. There are several hashing methods out there, some of which are better than others, but before we continue, allow me to explain what a hash is and how it can benefit secure data storage. Read the rest of this entry »
I posted a simple heart vector last week, which I actually had a fair amount of fun making. As I was making it, I noticed how many shortcuts and simple techniques make the process of vector illustration so much easier. I’ve learned a ton of great stuff from Vectips, Vectortuts, and Abduzeedo and wanted to pass along some workflow tips of my own. Have fun.
Oh, I should stress (as though it’s not already obvious), I’m no anatomist.
I thought I’d take a few minutes to go over the basics of what I’m going to be accomplishing over the next few weeks. I plan on guiding everyone through some of the basics of building your own user authentication system. This will include many segments varying from storing password information securely, user registration (and required information), password recovery vs. password reset, analyzing security vulnerabilities, possible applications and a wide variety of other topics that could possibly go along.
I will be starting off with a very basic set of security rules that you will need to keep in mind in order to maintain a secure list of users and password information. Without going in to further details, I can’t stress enough the huge mistake that many authentication systems use by limiting the size, type, and strength of a users passwords as well as the mistake of how the information is stored. I plan on analyzing a few preexisting systems and show some fundamental flaws associated with them, and provide tips to help safeguard your data from any unwanted guests.
Please be sure to check back soon, as I will be posting in the next few days.
No matter what you think of his politics, U.S. presidential cantidate Barack Obama has a pretty incredible marketing and design machine behind him. One strong example of this is his “O” logo. Simple, attractive, symbolic, it’s undeniably an effective logo.
Another aspect of the Obama campaign that is attractive to a lot of American’s is the grass-roots, everybody can be involved attitude that they’ve been trying quite successfully to convey. In honor of that attitude, and just in time for the Democratic Convention, I thought I would show some really helpful Illustrator techniques by making the Obama logo. In this tutorial, we’ll be going over the Pathfinder, Envelope Warps, Opacity Masks, and Gradient Meshes. And we’ll use a drop shadow!
What’s that? You don’t think we can do it? I have three words for you my friend.
In this tutorial I will be going over some of the basic elements to making a game in Flash. This being the first in a short series of tutorials on the subject, I will cover the main game loop and keyboard controls. Read the rest of this entry »
