Password Storage (And Hacking) in PHP


Comments are closed.

Good talk, gonna use this for our webshops. And i'm gonna buy the ubikey!

Very well presented, lots of valuable information on password hashing and algorithms. Anthony knows what he's talking about, and it shows. I liked the style of incrementally improving the password storing solution and the fact that the attacks were shown in a practical, real-world context.

Great talk. One could easily notice your passion and knowledge about the subject, without having the presentation go into too much detail.

Nice talk, touched on all the points I would expect, and the shows numbers really showed the reality of the problem.

Excellently structured talk teaching everything one needs to know on passwords, as well as covering the background and reasons for the choices made in the past.

Good structure, well explained and fully covered the subject. I nearly caught the yubikey, but I'll definitely buy one ;-)

very well presented, caught the attention and held it to the end.

Great talk! Presentation was gripping. The password cracking time examples were really eye opening. Love the forward compat bcrypt library. Will definitely use it for our current high stakes project.

loved the talk, really good overview and the right amount of details you need to know what you do whithout flooding me with cryptographic mathematics that i would not understand anyways. also loved the "reality check" approach saying you should not try to do too much.

Excellent wake-up call for those who haven't been concerned so far about password security.

To sum up - really good! I even dont know what I would like to have differently. Nice job Anthony!

Loved to see how fast the different hashes could be cracked, that made the problem very clear!

Another great talk on the subject of passwords and best practices. New developers must see these topics often to be reminded and learn things the right way.

Very interesting topic and well brought! One of the best talks on PHPBenelux this year.

A gifted speaker, an interesting subject and a lot information to digest (some known, some new). What more could you wish for?

Anonymous at 15:30 on 27 Jan 2013

Very good talk, thanks!

Great talk!

I was really surprised at how fast the hashes could be cracked. I didn't expect the hashes to be cracked that fast ( but knew they were easily cracked )

too bad I didn't get the ubi stick ;(

Very good, well documented and fluent talk! Would watch again :D

Now this was a well-structured talk! Very well built up to a fact that every PHP developer should know: use bcrypt. Even though there was no new information for me personally I still enjoyed myself because the presentation was very good and Anthony Ferrara clearly knew what he was doing.

Anonymous at 16:24 on 28 Jan 2013

Very interesting talk, great speaking style.
Was interesting to listen to from start to finish

Great talk, explained nicely and in a fun way. Definitely one of my favourite talks of the conference!

Great talk. I will recommend every developer who missed the talk or the whole conference to watch this when the videos get posted online. Important subject and very well presented. Have to checkout the Bad Web App at GitHub ;)

Very well prepared session. Every minute you made people clear that you know what you are talking about. I really liked the fact that you were able to show some information and go more into detail when needed or asked for.