$30 off During Our Annual Pro Sale. View Details »

なぜ平文パスワードはNGなのか / Why are plain passwords evil?

Avatar for Pudding Pudding
March 29, 2019
Technology
1
190

なぜ平文パスワードはNGなのか / Why are plain passwords evil?

近年話題の平文パスワード.流出していなくても大きく報道されるのは何故なのでしょうか.また,平文で保存しないためにどういった機構が採用されているのでしょうか.簡単にまとめました.

Avatar for Pudding

Pudding

March 29, 2019
Tweet

More Decks by Pudding

See All by Pudding
GNU Make勉強会 / GNU Make Exercise
Avatar for Pudding pddg
2
11k
雑に覚えるVim / Vim Tutorial
Avatar for Pudding pddg
0
98
中古PCのススメ/The fundamentals of used PC
Avatar for Pudding pddg
1
89
もっと気楽にいきましょうって話 / Make more relax
Avatar for Pudding pddg
4
2.3k
アイデアの卵と動かざる手 / Do you have something to do to realize your idea?
Avatar for Pudding pddg
0
190
Docker Seminar for SEL@KIT
Avatar for Pudding pddg
0
120
進学先を間違ったなと思ったら / I made a mistake in my path
Avatar for Pudding pddg
0
140
Mizql Map @ KITハッカソン2018 by ツナ缶 / Mizql Map
Avatar for Pudding pddg
0
130
OSSのリスクマネジメント / OSS Risk management
Avatar for Pudding pddg
0
240

Other Decks in Technology

See All in Technology
日本の AI 開発と世界の潮流 / GenAI Development in Japan
Avatar for Yoshitaka Haribara hariby
1
360
アラフォーおじさん、はじめてre:Inventに行く / A 40-Something Guy’s First re:Invent Adventure
Avatar for 株式会社カミナシ kaminashi
0
130
20251203_AIxIoTビジネス共創ラボ_第4回勉強会_BP山崎.pdf
Avatar for AIxIoTビジネス共創ラボ iotcomjpadmin
0
130
SREが取り組むデプロイ高速化 ─ Docker Buildを最適化した話
Avatar for capytan capytan
0
140
"人"が頑張るAI駆動開発
Avatar for yoko yokomachi
1
120
AWS運用を効率化する!AWS Organizationsを軸にした一元管理の実践/nikkei-tech-talk-202512
Avatar for 日本経済新聞社 エンジニア採用事務局 nikkei_engineer_recruiting
0
170
シニアソフトウェアエンジニアになるためには
Avatar for KNOWLEDGE WORK / 株式会社ナレッジワーク kworkdev
PRO
3
270
Agent Skillsがハーネスの垣根を超える日
Avatar for Gota gotalab555
6
4.1k
AgentCore BrowserとClaude Codeスキルを活用した 『初手AI』を実現する業務自動化AIエージェント基盤
Avatar for Hirokatsu Endo ruzia
7
1.4k
M&Aで拡大し続けるGENDAのデータ活用を促すためのDatabricks権限管理 / AEON TECH HUB #22
Avatar for GENDA genda
0
230
202512_AIoT.pdf
Avatar for AIxIoTビジネス共創ラボ iotcomjpadmin
0
140
Identity Management for Agentic AI 解説
Avatar for Naohiro Fujie fujie
0
450

Featured

See All Featured
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.6k
Sam Torres - BigQuery for SEOs
Avatar for Tech SEO Connect techseoconnect
PRO
0
140
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
190
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
Avatar for Tammy Everts tammyeverts
2
120
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
46
7.8k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
16k
Building Experiences: Design Systems, User Experience, and Full Site Editing
Avatar for Michelle Schulp Hunt marktimemedia
0
330
Color Theory Basics | Prateek | Gurzu
Avatar for Gurzu gurzu
0
150
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
12
980
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
80
6.1k
End of SEO as We Know It (SMX Advanced Version)
Avatar for Michael King ipullrank
2
3.8k

Transcript

  1. ͳͥฏจύεϫʔυ͸
 /(ͳͷ͔ QVEEJOH 1

  2. ʂ ࠷ۙɼ ʮฏจύεϫʔυʯ ͕Α͘χϡʔεʹͳ͍ͬͯΔ 2

  3. 3 IUUQTUFDIOJLLFJCQDPKQBUDMOYUNBHOD

  4. 4 IUUQTXXXJUNFEJBDPKQFOUFSQSJTFBSUJDMFTOFXTIUNM

  5. ? ʮฏจʯͬͯԿʁ 5

  6. ʮฏจʯ 6 ˔ ʮͻΒͿΜʯ·ͨ͸ʮ΁͍ͿΜʯ ˔ ҉߸ԽͳͲ͕ࢪ͞Ε͍ͯͳ͍จࣈྻ ˔ 8FCͷจ຺ʹ͓͍ͯ͸Ϣʔβͷೖྗͦͷ··ͷจࣈྻͱ ߟ͑ͯྑ͍ ˔

    ฏจύεϫʔυ͸ͭ·ΓɼϢʔβ͕ೖྗͨ͠ύεϫʔυΛ ͦͷ··อଘͯ͠ೝূʹ࢖༻͍ͯ͠Δɼͱ͍͏͜ͱ

  7. ? ͳͥฏจύεϫʔυ͸
 ʢྲྀग़͍ͯ͠ͳͯ͘΋ʣ
 μϝͳͷʁ 7

  8. ฏจύεϫʔυͰ૝ఆ͞ΕΔ͜ͱ 8 ˔ ྲྀग़ͨ͠ͱ͖ͷӨڹ͕େ͖͍ ˓ ύεϫʔυͷ࢖͍ճ͠͸ଟ͍ʢଞαʔϏεʹӨڹʣ ˓ ϩάΠϯ͞ΕΔͱ΍ΒΕ์୊ʢউखʹ঎඼Λങ͏౳ʣ ˔ ࣾһʹύεϫʔυΛ೺Ѳ͞ΕΔ

    ˓ ݟͣ஌Βͣͷଞਓ͕ࣗ෼ͷ
 ΞΧ΢ϯτʹϩάΠϯՄೳ͔΋
 ஌Εͳ͍ ˔ ௨ৗͷݸਓ৘ใʹൺ΂ͯ୯ͳΔྲྀग़ʹ
 ཹ·Βͳ͍ඃ֐ʹͳΓಘΔ

  9. ? Ͳ͏΍ͬͯϢʔβͷ ύεϫʔυ͕ਖ਼͍͜͠ͱΛ ͔֬Ί͍ͯΔͷʁ 9

  10. 10 ԿΒ͔ͷख๏ Ϣʔβ͔Βͷೖྗ ݩͷจࣈྻΛ༰қʹ
 ਪఆͰ͖ͳ͍จࣈྻ TEGBTEIPTJEG IPHF Ϣʔβ͔Βͷೖྗ IPHF TEGBTEIPTJEG

    0,

  11. ϋογϡԽ 11 ˔ ϋογϡؔ਺ͱ͸ɼ೚ҙͷσʔλ͔Βܾ·ͬͨσʔλ௕ ͷෆنଇͳ஋Λग़ྗ͢Δؔ਺ ˓ ͋Δจࣈྻ͔Β͸ৗʹಉ͡஋͕ग़ྗ͞ΕΔ ˓ ग़ྗ͞Εͨ஋͔ΒݩͷจࣈྻΛਪଌ͢Δ͜ͱ͕
 ʢൺֱతʣ೉͍͠

    ˔ σʔλϕʔεʹ͸ϋογϡԽͨ͠จࣈྻͷΈΛอଘ͓͖ͯ͠
 Ϣʔβͷೖྗͨ͠ύεϫʔυΛಉ͡ํ๏ͰϋογϡԽ͠ɼ
 Ұக͢Ε͹ೝূ੒ޭ

  12. ιϧτ 12 ˔ ϋογϡԽ͚ͩͰ͸·ͩऑ͍ ˓ ํ๏ʹΑͬͯ͸ղಡ͞ΕΔՄೳੑ༗Γ ˓ $3:153&$΍/*45ͷਪ঑͢Δख๏Λ࢖͓͏
 IUUQTXXXDSZQUSFDHPKQ ˔

    ιϧτͱ͍͏ϥϯμϜͳจࣈྻΛ෇Ճͯ͠ϋογϡԽ ˓ طʹจࣈྻ㲗ϋογϡ஋ͷؔ܎͕෼͔͍ͬͯΔ৔߹ʹରͯ͠ ΋༗ޮʢ߈ܸଆʹιϧτͷ಺༰͕࿙Εͳ͍ݶΓʣ ˓ ७ਮʹύεϫʔυ௕͕௕͘ͳΔͷͰղಡʹ͕͔͔࣌ؒΔ

  13. ετϨονϯά 13 ˔ ϋογϡͱιϧτ͚ͩͰ͸·ͩ؁͍ ˓ ۙ೥͸ڧྗͳܭࢉࢿݯΛ׆༻ͨ͠ߴ଎ͳ૯౰ͨΓ͕ߦΘΕΔ ˓ ΑΓղಡʹ͕͔͔࣌ؒΔΑ͏ʹ͢Δ ˔ ϋογϡԽͷॲཧΛ਺ઍʙ਺ສճ܁Γฦ͢

    ˓ ετϨονϯάͷճ਺ʹରͯ͠ઢܗతʹղಡ͕࣌ؒ
 ͔͔ΔΑ͏ʹͳΔ ˓ ετϨονϯάͷճ਺ʢʹղಡ࣌ؒͷ૿Ճʣ͸
 ॲཧʹ͔͔Δ࣌ؒͷ௕͞ͱͷτϨʔυΦϑ

  14. ·ͱΊ ˔ ฏจύεϫʔυ͸μϝ ˔ ύεϫʔυ͸࠷௿ݶιϧτ෇͖ϋογϡԽΛߦ͍ɼߋʹ ετϨονϯάͯ͠ڧ౓Λ্͛Δ ˓ ࠓ͸͜ΕͰྑ͍ͱ͞Ε͍ͯΔ͕ɼະདྷͰ͸
 ͞Βʹڧ౓Λ্͛Δ͜ͱ͕ٻΊΒΕ͍ͯΔ͔΋ ˔

    ࣗ෼ͷ࢖͏ύεϫʔυ͸Ͱ͖Δ͚ͩ௕͘͢Δ ˓ ෳࡶ͞ʢ࢖͏จࣈछͷଟ͞ʣΑΓ΋௕͕͞ॏཁ 14

  15. ͓·͚ ˔ %KBOHP͸ύεϫʔυΛͲ͏΍ͬͯอଘ͍ͯ͠Δͷ͔CZ 3ZVKJ5TVUTVJ
 IUUQTMJOLNFEJVNDPN01[W,:2Q7 ˔ ʰମܥతʹֶͿ҆શͳ8FCΞϓϦέʔγϣϯͷ࡞Γํ ୈ൛੬ऑੑ͕ੜ·ΕΔݪཧͱରࡦͷ࣮ફʱ
 IUUQTXXXBNB[PODPKQEQ SFGDN@TX@FN@S@NU@EQ@6@F/$C$(485

    15