ZDNet

A quarter of major CMSs use outdated MD5 as the default password hashing scheme

Some of the projects that use MD5 as the default method for storing user passwords include WordPress, osCommerce, SuiteCRM, miniBB, SugarCRM, CMS Made Simple, MantisBT, Phorum, Observium, and X3cms.
Dark Reading

Moving Away From Rash Hashing Decisions

The past few years have been a bonanza for password breaches as poor deployment or nonexistent encryption practices combined with database and Web application vulnerabilities to SQL injection continue ...
ZDNet

Up to 1 million Scribd user passwords may have been compromised

The world's largest document sharing site Scribd says it was hacked earlier this week and believes up to one percent of its 100 million users' passwords were compromised due to being stored with an ...
Dark Reading

Safely Storing User Passwords: Hashing vs. Encrypting

Over the past several months, we've seen major breaches exposing numerous usernames and passwords. The eBay and Adobe breaches impacted millions of accounts. Snapchat was compromised. With every ...
Threat Post

Cryptographers Aim to Find New Password Hashing Algorithm

Passwords are the keys to our online identities, and as a result, they’re also near the top of the target list for attackers. There have been countless breaches in the last few years in which ...