RedDotRuby 2014 - 80,000 Plaintext Passwords: An Open Source Love Story in 3 Acts
T.J. Schuck • June 26, 2014 • Singapore
fluffmuffin, peppercorn, gilligan — those are just a few of our users' plain text passwords.
I have 80,000 more, and it only took me 87 seconds to gather them from our customer database in a white-hat attack.
In Act I, we'll cover the history of secure password storage, examine the hack, and mitigate the threat. Act II will address the difficulties of working on libraries with complicated external dependencies (like bcrypt-ruby, of which I'm now a maintainer). In Act III, we'll celebrate the power of global collaboration via OSS.
[Scene.]
Help us caption & translate this video!
Red Dot Ruby Conference 2014
