DataRealm Comments on the Security Benefits of Password Hashing [...]

DataRealm Comments on the Security Benefits of Password Hashing Best Practices

📅 June 26, 2015 - Datarealm, a leading provider of cloud, virtual private server, and dedicated server hosting, has commented to highlight the importance of following best practices when hashing and salting passwords.

The company, a hosting provider for hundreds of web services that rely on passwords for authentication, has highlighted the recent security breach at the LastPass password management service and the way in which proper hashing and salting of passwords helped keep users safe even though hashed master passwords were leaked.

As reported by Dan Goodin in Ars Technica on June 15, LastPass suffered a network breach that allowed attackers to gain access to hashed passwords, salts, and other sensitive information. Users of LastPass are at little risk, because LastPass uses salted hashes and repeated rounds of hashing with slow hashing algorithms. It is highly unlikely that the attackers will be able to reverse the hashes because of the slow algorithms used: the resource requirements would be extreme.

Unfortunately, the use of slow hashing algorithms is not yet an industry standard. Many sites and services employ very fast hashing algorithms like SHA1, which are trivially easy to reverse given the technology available to online criminals.

“If you run an Internet-facing service, the safe bet is that eventually you will be the victim of a security breach. It is as important to ensure that leaked data is useless to attackers as it is to invest in external network protections like firewalls,” advised Andrew Auderieth, CEO of Datarealm, “Secure hashing with salts using slow hashing algorithms will significantly degrade the ability of online criminals to leverage stolen data for identity theft and other malicious purposes.”

Slow hashing algorithms like the PBKDF2-SHA256 employed by LastPass are computationally intensive and consume more resources than faster algorithms, but the security benefits are considerable. It is embarrassing for companies to suffer data loss, but the damage to a business's reputation can be substantially mitigated if it can assure users that it invested in the technology to keep them safe.

About Datarealm:

Founded in 1995, Datarealm was one of the first Web hosting companies in the world. Datarealm has maintained its position as a trusted industry leader by continuously investing in cutting-edge web technologies and a commitment to extraordinary customer service. Datarealm's current web hosting products include an advanced secure cloud hosting platform, dedicated servers, virtual private servers, and shared hosting. For more information, visit http://www.datarealm.com/

Reads: 1126 | Category: General | Source: TheHN : The Hosting News
URL source:

Company: Data Realm

Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!

Related news

📅 Jun 8, 2015 - Datarealm Announces Preferred ECommerce Partnership with the Redwoods Company - Datarealm, a leading provider of cloud, virtual private server, and dedicated server hosting, has announced a new preferred hosting partnership with merchant services provider The Redwoods Company.

The partnership brings together Datarealm's advanced managed hosting services and The Redwoods Company's expansive portfolio of eCommerce merchant services, creating an end-to-end eCommerce solution that provides everything a merchant needs to build and manage their online retail presence.

Datarealm is a client-oriented hosting provider with two decades of experience providing secure, reliable, and fast web hosting to eCommerce retailers. Located in the company's Phoenix, Arizona data center, ...

📅 Apr 7, 2015 - Datarealm Warns Of Increasing Risks from Unscrupulous Certificate Authorities - Datarealm, a leading provider of cloud and dedicated server hosting, is warning of an increasing risk to users posed by unscrupulous certificate authorities. In recent weeks, there have been several examples of information security risks created because of certificate authorities who do not act in accordance with the best interests of web users.

Microsoft (March 16, 2015) and Google (March 23, 2015) have both been forced forced to issue security advisories in recent weeks about improper use of the SSL / TLS certificates on which information security for web sites and eCommerce stores depends.

The SSL / TLS system depends on trusted certificate authorities actually being trustworthy. ...

📅 Mar 3, 2015 - Datarealm Comments on the State Of Cloud Security - Datarealm, a leading provider of secure cloud hosting, recently commented on the perception of cloud security and the responsibility that both cloud vendors and enterprise cloud clients have to implement data security best practices to protect user data.

Cloud security should be viewed as a partnership between vendor and user, with both parties fully engaged in the implementation of secure systems and processes. Datarealm believes that cloud vendors should strive to provide clients with easy-to-use tools and support in using cloud platforms securely.

Creating and implementing a comprehensive cloud and information security policy enables companies to mitigate potential risks that arise ...

📅 Nov 28, 2014 - Datarealm Announces Massive Friday Hosting Price Reduction - Datarealm, a trusted provider of shared hosting, cloud servers, and dedicated server hosting, has announced a ten percent price reduction across all hosting plans starting on Black Friday. The company is also making one of its most popular dedicated hosting plans even better value for money by doubling the RAM and waiving the setup fee for new clients.

The reduction applies to hosting plans bought between Friday, November 28 and Monday, December 1, and includes the company's entire range of high performance hosting. The lead up to the holiday season is the perfect time to think about upgrading hosting; Datarealm's powerful dedicated servers plans, which received a comprehensive hardware ...