Archive for the ‘Development’ Category

More Salty Thoughts – Protecting Weak Passwords

Start by assuming a very bad situation – a copy of your database has been obtained by the bad guys, to attack off-line at their leisure. How safe are we? For those accounts with strong passwords, SHA is great and our user’s password data is well protected. Weak passwords are another story.

Salting SHA in MySql

Encrypting user’s information like their passwords needs to be easy. All the old MySql functions like PASSWORD() and ENCRYPT() still exist but are considered not secure enough anymore. These days only MD5 and SHA1 are strong enough to withstand an attack, but even so, both by themselves have vulnerabilities that can be exploited requiring some […]

Fixing GoDaddy MySql Performance, Part II

After probing two MySql databases every 10 minutes for 12 hours I can safely say there is a major difference in the lag time between the GoDaddy MySql database servers.

Fixing GoDaddy MySql Performance, Part I

Almost everyone who owns a website starts out on GoDaddy and quickly learns to move to another host. Apparently I’m just thick.  I still have some stuff with GoDaddy, including my family’s site, this blog, and some of my apps that my company hosts for clients. I’ve got an interesting performance problem this time and […]