Cisco has issued a security advisory revealing that it mis-coded the implementation of a new password hashing algorithm. Its “Type 4” password implementation was supposed to salt passwords and then run them through 1,000 iterations of SHA-256 for storage, following the Password-Based Key Derivation Function (PBKDF) version 2 …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 21st March 2013 08:56 GMT GreenJimll

So we've all got weak passwords stored in newer Cisco kit and they expect us to "gradually migrate to the new password type"? Jeez, thanks Mr Security!

0 0

This topic is closed for new posts.

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

User topics

Article topics

Cisco slip puts hardware at risk

COMMENTS

Other stories you might like

Fire in the Cisco! Networking giant's Duo MFA message logs stolen in phish attack

Cisco creates architecture to improve security and sell you new switches

MITRE admits 'nation state' attackers touched its NERVE R&D operation

Academics probe Apple's privacy settings and get lost and confused

Sun Microsystems co-founder charged with insider trading

Ker-Splunk! Cisco closes $28 billion analytics acquisition

Cisco is a fashion retailer now, with a spring collection to prove it

What a surprise! Apple found a way to deliver browser engine and app store choice

EU users can't update 3rd party iOS apps if abroad too long

Nutanix doesn't expect a rush of VMware refugees – maybe for years

C-suite execs not immune to downsizing drama at Cisco

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts

About Us

Our Websites

Your Privacy