Database Password Storage Exposes Need For Better ID Management
The recent hack against a database full of FTP passwords held by Web hosting firm DreamHost highlights a growing database breach trend that’s seeing password stores exposed by the boatload. Though these databases contain sensitive authentication information, they’re often left far less protected than databases containing PII. Experts warn that if organizations are truly serious about their security and compliance programs, they need to either find better ways to secure the passwords in the databases they’re distributed across the network, or look for alternatives that will ditch this method of storage altogether.
