Secure Password Storage
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.


PSM - Secure Password Storage Module
This project describes goals, threats, and design for a 
reusable password storage module (PSM or module). Contents

* Presentation Material - As presented @OWASP AppSecUSA Austin 2012
* Documents - Threat Model and Attacker vs. Defender Spreadsheet
* Demo code - Split hash collision utility (Python 2.x)

[Presentation Material]
* Secure Password Storage AUS (w/ Notes).pptx.pdf - With notes
* Secure Password Storage AUS.pptx.pdf - Full-size slides, no notes

* ThreatModelforPWStorage.pdf - PDF print of PW Storage Threat Model
                                Google doc @
* Password Scheme Attacker Defender Cost Comparison Sheet.xlsx 

* - Python utility for generating uniquely salted
       PBKDF2 hashes and then brute forcing them in full or in chunks

This material is not a finished Password Storage Module but simply a 
"As-is" dump of material as presented at OWASP AppSecUSA Austin 2012.

Please contact with questions/comments:
John Steven - - @M1splacedsoul