Businesses that maintain any sort of online accounts for their customers or other interested parties must eventually confront the issue of password encryption. In recent months, major breaches at several high-profile online sites have caused many to wonder over the effectiveness of using hashed passwords. LinkedIn was perhaps the most well-known site to have its password hashing compromised, but other major online businesses such as eHarmony and Last.fm have experienced similar problems.
All the companies have seen hackers gain unauthorized access to a portion of the hashed passwords in use on their sites. The hackers have then posted the hashed passwords on forums that specialize in promulgating ‘underground’ material. The problem of password security, however, is not limited to large companies. Any small business that allows users to sign in, to keep the contents of a shopping cart active, for example, has good reason to take a close look at how hashed passwords work and how such systems can potentially be improved.