The Web site’s developers forgot about early users when they implemented strong password hashing three years ago
By Lucian Constantin
Until today, the creators of the hacked AshleyMadison.com infidelity website appeared to have done at least one thing well: protect user passwords with a strong hashing algorithm. That belief, however, was painfully disproved by a group of hobbyist password crackers.
The 16-man team, called CynoSure Prime, sifted through the Ashley Madison source code that was posted online by hackers and found a major error in how passwords were handled on the website.
To read the entire article, please click here.
Source: http://www.csoonline.com
