Content area
Full text
TOOLS
Here's a piece of news that will worry anyone interested in security (which should be pretty much everyone who reads Network World): A programmer by the name of Juuso Salonen has created a Ruby script called BozoCrack that cracks MD5 hashed passwords with remarkable success and with very little effort.
Before we go any further, let's have a little background: Computer systems need a mechanism to authenticate users and processes so that the good guys can get in to do work and the had guys are locked out.
The most common authentication method is to use a name and a password, but if you were to store the password in plaintcxton the system you would run the risk that passwords could be exposed. Acommon solution is to not store the password at all bui instead keep something called an MD5 hash of...