Technology Update

Salted Hashing of Passwords

Author / Contributor

Salted Hashing of Passwords

During the course of Penetration testing of Web Applications at Cyber Security Division, NIC, several security vulnerabilities are identified. One of these vulnerabilities includes the finding that the credentials traveling in clear text can be sniffed from the network. The credentials can also be detected with the help of memory editing tools on shared systems which are used to access the authentication web pages. Considering the common nature of these problems and their solutions, throwing light on the underlying concepts is a must read for those targeting the problem while developing secure code in an effective manner. The following section sheds light on the solution to the problem

Edited by: Snigdha Acharya

Similar Articles

Dyslexia‑Friendly UI/UX Design Standards and Engineering Guidance for…

Technical and design standards for dyslexia-friendly UI/UX in digital…

Dyslexia‑Friendly UI/UX
MCP 2.0 Transforming DQL-Ready Data into AI-Ready Systems

MCP is an open standard that allows AI models to securely connect with…

MCP 2.0
Digital Trust The Cornerstone of Secure and Inclusive e-…

Digital trust is the foundation of India’s e-Governance revolution. It…

Digital Trust
Cyber Cycurity

Also read

A Cuban delegation led by H.E. Juan Carlos Marsan visited NIC HQ for discussions with Shri Abhishek Singh, Addl. Secretary, MeitY & DG, NIC to explore deeper collaboration in the digital and technology domain

NIC Strengthens Global Digital Cooperation through ICD Engagements…

The National Informatics Centre (NIC), through its International Cooperation Division (ICD…

Read more

Dyslexia‑Friendly UI/UX

Dyslexia‑Friendly UI/UX: Design Standards and Engineering Guidance for…

Technical and design standards for dyslexia-friendly UI/UX in digital government services…

Read more

Gov.in Secure Intranet

Gov.in Secure Intranet: An AI-Powered Secure Digital Platform for Government

Gov.in Secure Intranet is a G2G digital platform developed by NIC under MeitY to support d…

Read more

MedLEaPR

MedLEaPR: Transforming India’s Medico-Legal Ecosystem

MedLEaPR is a national digital platform that streamlines medico-legal processes by securel…

Read more

Securing Endpoints

Securing Endpoints Protecting a New Frontier in Cyber Warfare

Perimeter has long been a preferred war zone for the adversaries and defenders of the cybe…

Read more

NIC TAG

NIC TAG Awards and Launch Ceremony

NIC TAG group organised State Mobile App and WebApp UI/UX Contests in July 2021. The award…

Read more

Government email services

Government Email Service Enabling secure communication channel…

The importance of Email Service was evident during the ongoing pandemic as it ensured that…

Read more

e-SHRAM

e-SHRAM - Portal for Registration of Unorganized Labourers of India

e-SHRAM is the firstever national database of unorganized workers. It aims at registering…

Read more

Producing high quality, secure software at pace

DevSecOps - Producing high quality, secure software at pace

Enterprises across the world are demanding software release at high speed to meet business…

Read more

NIC-CERT’s endeavor towards a predictive cyber security approach

Leveraging Big Data & AI-ML for Security Analytics

NIC has been a prominent target for cyber attacks. The sheer volume of government applicat…

Read more