Easy to install and affordable plugin for securing your client's passwords was just launched by MassChallenge winner BlindHash on the nopCommerce marketplace this week. If you are worried about the threat of a breach and the costs associated with the aftermath of a breach, check this new plugin out.
Click here to learn more.
Secure your Client's Passwords with new Plugin
MVP
Gold Solution Partner
Certified Developer
- 2139
- 22181
- 7/23/2009
- India
[email protected] wrote:
Hi,
Can you share more details on what does plugin do exactly?
Regards
Easy to install and affordable plugin for securing your client's passwords was just launched by MassChallenge winner BlindHash on the nopCommerce marketplace this week. If you are worried about the threat of a breach and the costs associated with the aftermath of a breach, check this new plugin out.
Click here to learn more.
Click here to learn more.
Hi,
Can you share more details on what does plugin do exactly?
Regards
- 2
- 20
- 6/22/2017
- United States
Glad to try and explain.
Most passwords today are hashed to protect the actual clear text password. Hashing algorithms have changed over the years and they keep getting more complex and slower. Problem is that the hashes and salts (if used) are stored in the database so a breach of any kind makes them vulnerable as the hacker has all that is needed to crack the passwords and they eventually will. They take the password database offline and run dictionary attacks to get positive matches. Our plugin blinds the hash in our data center so that a breach on a NOP site would not result in the attacker having the hash so they could not get a positive return even if they happen to guess correctly. This is especially important to NOP users because the NOP platform uses an older algorithm (Shaw 1) that is not considered to be very secure and has been attacked and defeated in other industries. Hope this helps.
Most passwords today are hashed to protect the actual clear text password. Hashing algorithms have changed over the years and they keep getting more complex and slower. Problem is that the hashes and salts (if used) are stored in the database so a breach of any kind makes them vulnerable as the hacker has all that is needed to crack the passwords and they eventually will. They take the password database offline and run dictionary attacks to get positive matches. Our plugin blinds the hash in our data center so that a breach on a NOP site would not result in the attacker having the hash so they could not get a positive return even if they happen to guess correctly. This is especially important to NOP users because the NOP platform uses an older algorithm (Shaw 1) that is not considered to be very secure and has been attacked and defeated in other industries. Hope this helps.