Is the code available for this, or could you point us to someone who could help install?

Thanks, Chris!

Congratulations on your move! I’m sure as tough of a decision as it maybe, it was a good one.

I originally found you on LinkedIn while doing a project around trying to find good senior management to reach to in regards to a specific candidate. Then I found your twitter, then read your timeline, then your blog, and now here I am…

My request is probably not appropriate but minimally I could congratulate you before leaving your blog.

If you need anything in the future please do not hesitate to reach out for any reason any time.

Talk soon,
EW

Will this still be within the profile directory, or will we no longer be able to copy a profile directory from one computer to another and have it just work?

So we are just forcing the issue.

and yes, agree, hashes are simply just weak.

bcrypt and similar solve this problem by making brute force attacks infeasible because nobody has the computational power to do it. I think you may be overcomplicating this by adding a layer above bcrypt.

See http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html

Richard Milewski wrote and published this information surrounding the creation and use of safe passwords. He broke it down into three areas:

Part 1: covers common mistakes that lead to insecure passwords,
Part 2: shows how to use memorable phrases to make secure easy-to remember passwords,
Part 3: has ways to get your browser to help manage your passwords, and sync them between your browsers on different machines and mobile devices.

There’s also a fun video! You can see a full overview at his blog here: http://richard.milewski.org/archives/734