Check the online version, I often update my slides.

Talk detail

Running a web app? Would you voluntarily share how your web app stores passwords? Some companies indeed do disclose, like Facebook, Twitter, and 1Password to name just a few. Some disclose involuntarily. Some don't share at all, because they don't care. They feel that it will make them more vulnerable. Here's why you should disclose and how.

See my list of companies sharing their password hashing policies.

Details on the event website

Date and event

September 24, 2016, WebExpo 2016 (talk duration 20 minutes, video)

Video recording

https://slideslive.com/38898323/disclosing-password-hashing-policies

Michal Špaček

Michal Špaček

I build web applications and I'm into web application security. I like to speak about secure development. My mission is to teach web developers how to build secure and fast web applications and why.

Public trainings

Come to my public trainings, everybody's welcome:

PHP application security
(September 24–25, 2019 Praha)

HTTPS for developers and admins
(September 26, 2019 Praha)