Upgrade to Pro — share decks privately, control downloads, hide ads and more …

なぜ平文パスワードはNGなのか / Why are plain passwords evil?

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Pudding Pudding
March 29, 2019
Technology
200
1

なぜ平文パスワードはNGなのか / Why are plain passwords evil?

近年話題の平文パスワード.流出していなくても大きく報道されるのは何故なのでしょうか.また,平文で保存しないためにどういった機構が採用されているのでしょうか.簡単にまとめました.

Avatar for Pudding

Pudding

March 29, 2019

More Decks by Pudding

See All by Pudding
GNU Make勉強会 / GNU Make Exercise
Avatar for Pudding pddg
2
11k
雑に覚えるVim / Vim Tutorial
Avatar for Pudding pddg
0
110
中古PCのススメ/The fundamentals of used PC
Avatar for Pudding pddg
1
100
もっと気楽にいきましょうって話 / Make more relax
Avatar for Pudding pddg
4
2.3k
アイデアの卵と動かざる手 / Do you have something to do to realize your idea?
Avatar for Pudding pddg
0
210
Docker Seminar for SEL@KIT
Avatar for Pudding pddg
0
130
進学先を間違ったなと思ったら / I made a mistake in my path
Avatar for Pudding pddg
0
160
Mizql Map @ KITハッカソン2018 by ツナ缶 / Mizql Map
Avatar for Pudding pddg
0
140
OSSのリスクマネジメント / OSS Risk management
Avatar for Pudding pddg
0
250

Other Decks in Technology

See All in Technology
脳が溶けた話 / Melted Brain
Avatar for Keisuke69 keisuke69
1
1.2k
VSCode中心だった自分がターミナル沼に入門した話
Avatar for Genki Sano sanogemaru
0
890
Bill One 開発エンジニア 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
5
18k
「活動」は激変する。「ベース」は変わらない ~ 4つの軸で捉える_AI時代ソフトウェア開発マネジメント
Avatar for 辻裕士/sentokun sentokun
0
140
How to install a gem
Avatar for André Arko indirect
0
2.1k
【AWS】CloudTrail LakeとCloudWatch Logs Insightsの使い分け方針
Avatar for Yuma Tsurugasaki tsurunosd
0
130
第26回FA設備技術勉強会 - Claude/Claude_codeでデータ分析 -
Avatar for コロッケそば happysamurai294
0
330
Oracle AI Database@AWS:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
3
2.1k
OpenClawでPM業務を自動化
Avatar for 西岡 賢一郎 (Kenichiro Nishioka) knishioka
2
370
パワポ作るマンをMCP Apps化してみた
Avatar for iwamot iwamot
PRO
0
290
Data Enabling Team立ち上げました
Avatar for SansanTech sansantech
PRO
0
180
AWSで2番目にリリースされたサービスについてお話しします(諸説あります)
Avatar for Yuuki Yamashita yama3133
0
110

Featured

See All Featured
Amusing Abliteration
Avatar for ianozsvald ianozsvald
1
150
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
Avatar for Sara Fernández Carmona sarafernandez
0
160
The B2B funnel & how to create a winning content strategy
Avatar for Katarina Dahlin katarinadahlin
PRO
1
320
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.6k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
51
52k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
57
14k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
200k
Introduction to Domain-Driven Design and Collaborative software design
Avatar for Kenny Baas-Schwegler baasie
1
700
New Earth Scene 8
Avatar for Sydney Stone popppiees
2
2k
Being A Developer After 40
Avatar for Adrian Kosmaczewski akosma
91
590k
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
Avatar for UX Y'all uxyall
0
240
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
31
10k

Transcript

  1. ͳͥฏจύεϫʔυ͸
 /(ͳͷ͔ QVEEJOH 1

  2. ʂ ࠷ۙɼ ʮฏจύεϫʔυʯ ͕Α͘χϡʔεʹͳ͍ͬͯΔ 2

  3. 3 IUUQTUFDIOJLLFJCQDPKQBUDMOYUNBHOD

  4. 4 IUUQTXXXJUNFEJBDPKQFOUFSQSJTFBSUJDMFTOFXTIUNM

  5. ? ʮฏจʯͬͯԿʁ 5

  6. ʮฏจʯ 6 ˔ ʮͻΒͿΜʯ·ͨ͸ʮ΁͍ͿΜʯ ˔ ҉߸ԽͳͲ͕ࢪ͞Ε͍ͯͳ͍จࣈྻ ˔ 8FCͷจ຺ʹ͓͍ͯ͸Ϣʔβͷೖྗͦͷ··ͷจࣈྻͱ ߟ͑ͯྑ͍ ˔

    ฏจύεϫʔυ͸ͭ·ΓɼϢʔβ͕ೖྗͨ͠ύεϫʔυΛ ͦͷ··อଘͯ͠ೝূʹ࢖༻͍ͯ͠Δɼͱ͍͏͜ͱ

  7. ? ͳͥฏจύεϫʔυ͸
 ʢྲྀग़͍ͯ͠ͳͯ͘΋ʣ
 μϝͳͷʁ 7

  8. ฏจύεϫʔυͰ૝ఆ͞ΕΔ͜ͱ 8 ˔ ྲྀग़ͨ͠ͱ͖ͷӨڹ͕େ͖͍ ˓ ύεϫʔυͷ࢖͍ճ͠͸ଟ͍ʢଞαʔϏεʹӨڹʣ ˓ ϩάΠϯ͞ΕΔͱ΍ΒΕ์୊ʢউखʹ঎඼Λങ͏౳ʣ ˔ ࣾһʹύεϫʔυΛ೺Ѳ͞ΕΔ

    ˓ ݟͣ஌Βͣͷଞਓ͕ࣗ෼ͷ
 ΞΧ΢ϯτʹϩάΠϯՄೳ͔΋
 ஌Εͳ͍ ˔ ௨ৗͷݸਓ৘ใʹൺ΂ͯ୯ͳΔྲྀग़ʹ
 ཹ·Βͳ͍ඃ֐ʹͳΓಘΔ

  9. ? Ͳ͏΍ͬͯϢʔβͷ ύεϫʔυ͕ਖ਼͍͜͠ͱΛ ͔֬Ί͍ͯΔͷʁ 9

  10. 10 ԿΒ͔ͷख๏ Ϣʔβ͔Βͷೖྗ ݩͷจࣈྻΛ༰қʹ
 ਪఆͰ͖ͳ͍จࣈྻ TEGBTEIPTJEG IPHF Ϣʔβ͔Βͷೖྗ IPHF TEGBTEIPTJEG

    0,

  11. ϋογϡԽ 11 ˔ ϋογϡؔ਺ͱ͸ɼ೚ҙͷσʔλ͔Βܾ·ͬͨσʔλ௕ ͷෆنଇͳ஋Λग़ྗ͢Δؔ਺ ˓ ͋Δจࣈྻ͔Β͸ৗʹಉ͡஋͕ग़ྗ͞ΕΔ ˓ ग़ྗ͞Εͨ஋͔ΒݩͷจࣈྻΛਪଌ͢Δ͜ͱ͕
 ʢൺֱతʣ೉͍͠

    ˔ σʔλϕʔεʹ͸ϋογϡԽͨ͠จࣈྻͷΈΛอଘ͓͖ͯ͠
 Ϣʔβͷೖྗͨ͠ύεϫʔυΛಉ͡ํ๏ͰϋογϡԽ͠ɼ
 Ұக͢Ε͹ೝূ੒ޭ

  12. ιϧτ 12 ˔ ϋογϡԽ͚ͩͰ͸·ͩऑ͍ ˓ ํ๏ʹΑͬͯ͸ղಡ͞ΕΔՄೳੑ༗Γ ˓ $3:153&$΍/*45ͷਪ঑͢Δख๏Λ࢖͓͏
 IUUQTXXXDSZQUSFDHPKQ ˔

    ιϧτͱ͍͏ϥϯμϜͳจࣈྻΛ෇Ճͯ͠ϋογϡԽ ˓ طʹจࣈྻ㲗ϋογϡ஋ͷؔ܎͕෼͔͍ͬͯΔ৔߹ʹରͯ͠ ΋༗ޮʢ߈ܸଆʹιϧτͷ಺༰͕࿙Εͳ͍ݶΓʣ ˓ ७ਮʹύεϫʔυ௕͕௕͘ͳΔͷͰղಡʹ͕͔͔࣌ؒΔ

  13. ετϨονϯά 13 ˔ ϋογϡͱιϧτ͚ͩͰ͸·ͩ؁͍ ˓ ۙ೥͸ڧྗͳܭࢉࢿݯΛ׆༻ͨ͠ߴ଎ͳ૯౰ͨΓ͕ߦΘΕΔ ˓ ΑΓղಡʹ͕͔͔࣌ؒΔΑ͏ʹ͢Δ ˔ ϋογϡԽͷॲཧΛ਺ઍʙ਺ສճ܁Γฦ͢

    ˓ ετϨονϯάͷճ਺ʹରͯ͠ઢܗతʹղಡ͕࣌ؒ
 ͔͔ΔΑ͏ʹͳΔ ˓ ετϨονϯάͷճ਺ʢʹղಡ࣌ؒͷ૿Ճʣ͸
 ॲཧʹ͔͔Δ࣌ؒͷ௕͞ͱͷτϨʔυΦϑ

  14. ·ͱΊ ˔ ฏจύεϫʔυ͸μϝ ˔ ύεϫʔυ͸࠷௿ݶιϧτ෇͖ϋογϡԽΛߦ͍ɼߋʹ ετϨονϯάͯ͠ڧ౓Λ্͛Δ ˓ ࠓ͸͜ΕͰྑ͍ͱ͞Ε͍ͯΔ͕ɼະདྷͰ͸
 ͞Βʹڧ౓Λ্͛Δ͜ͱ͕ٻΊΒΕ͍ͯΔ͔΋ ˔

    ࣗ෼ͷ࢖͏ύεϫʔυ͸Ͱ͖Δ͚ͩ௕͘͢Δ ˓ ෳࡶ͞ʢ࢖͏จࣈछͷଟ͞ʣΑΓ΋௕͕͞ॏཁ 14

  15. ͓·͚ ˔ %KBOHP͸ύεϫʔυΛͲ͏΍ͬͯอଘ͍ͯ͠Δͷ͔CZ 3ZVKJ5TVUTVJ
 IUUQTMJOLNFEJVNDPN01[W,:2Q7 ˔ ʰମܥతʹֶͿ҆શͳ8FCΞϓϦέʔγϣϯͷ࡞Γํ ୈ൛੬ऑੑ͕ੜ·ΕΔݪཧͱରࡦͷ࣮ફʱ
 IUUQTXXXBNB[PODPKQEQ SFGDN@TX@FN@S@NU@EQ@6@F/$C$(485

    15