Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
PSM - Secure Password Storage Module ======== This project describes goals, threats, and design for a reusable password storage module (PSM or module). Contents include: * Presentation Material - As presented @OWASP AppSecUSA Austin 2012 * Documents - Threat Model and Attacker vs. Defender Spreadsheet * Demo code - Split hash collision utility (Python 2.x) ======== [Presentation Material] * Secure Password Storage AUS (w/ Notes).pptx.pdf - With notes * Secure Password Storage AUS.pptx.pdf - Full-size slides, no notes [Documents] * ThreatModelforPWStorage.pdf - PDF print of PW Storage Threat Model Google doc @ http://goo.gl/Spvzs * Password Scheme Attacker Defender Cost Comparison Sheet.xlsx [code] * split_hash_util.py - Python utility for generating uniquely salted PBKDF2 hashes and then brute forcing them in full or in chunks This material is not a finished Password Storage Module but simply a "As-is" dump of material as presented at OWASP AppSecUSA Austin 2012. Please contact with questions/comments: John Steven - firstname.lastname@example.org - @M1splacedsoul