As if to illustrate the main point in our recently published whitepaper (posted June 10) on handling passwords securely, The Associated Press reported yesterday on a scam where hackers broke into Citibank’s network of ATMs inside 7-Eleven stores and stole customers’ PIN codes. The article reports that, “despite industry standards that call for protecting PINs with strong encryption — which means encoding them to cloak them to outsiders — some ATM operators apparently aren’t properly doing that. The PINs seem to be leaking while in transit between the automated teller machines and the computers that process the transactions.”
While most of your web apps may not be as attractive targets as bank ATMs, it certainly highlights the password handling vulnerability brightly. Read our whitepaper for suggestions on how to guard your web app against this.
Related posts:
- FMProxy FMProxy is a PHP class that facilitates authentication of Flex...
Related posts brought to you by Yet Another Related Posts Plugin.
|
Posted by Jeremiah Small on July 2, 2008 at 6:25 pm
