Upgrade to Pro — share decks privately, control downloads, hide ads and more …

なぜ平文パスワードはNGなのか / Why are plain passwords evil?

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Pudding Pudding
March 29, 2019
Technology
1
200

なぜ平文パスワードはNGなのか / Why are plain passwords evil?

近年話題の平文パスワード.流出していなくても大きく報道されるのは何故なのでしょうか.また,平文で保存しないためにどういった機構が採用されているのでしょうか.簡単にまとめました.

Avatar for Pudding

Pudding

March 29, 2019
Tweet

More Decks by Pudding

See All by Pudding
GNU Make勉強会 / GNU Make Exercise
Avatar for Pudding pddg
2
11k
雑に覚えるVim / Vim Tutorial
Avatar for Pudding pddg
0
100
中古PCのススメ/The fundamentals of used PC
Avatar for Pudding pddg
1
97
もっと気楽にいきましょうって話 / Make more relax
Avatar for Pudding pddg
4
2.3k
アイデアの卵と動かざる手 / Do you have something to do to realize your idea?
Avatar for Pudding pddg
0
200
Docker Seminar for SEL@KIT
Avatar for Pudding pddg
0
130
進学先を間違ったなと思ったら / I made a mistake in my path
Avatar for Pudding pddg
0
150
Mizql Map @ KITハッカソン2018 by ツナ缶 / Mizql Map
Avatar for Pudding pddg
0
140
OSSのリスクマネジメント / OSS Risk management
Avatar for Pudding pddg
0
240

Other Decks in Technology

See All in Technology
CyberAgentの生成AI戦略 〜変わるものと変わらないもの〜
Avatar for katayan katayan
0
220
楽しく学ぼう!ネットワーク入門
Avatar for Shota Shiratori shotashiratori
4
3.3k
[JAWSDAYS2026][D8]その起票、愛が足りてますか?AWSサポートを味方につける、技術的「ラブレター」の書き方
Avatar for hirosys hirosys_
3
180
プラットフォームエンジニアリングはAI時代の開発者をどう救うのか
Avatar for Kazuto Kusama jacopen
5
3.1k
内製AIチャットボットで学んだDatadog LLM Observability活用術
Avatar for k.masachika mkdev10
0
110
[JAWSDAYS2026]Who is responsible for IAM
Avatar for Mizuki TSUJI mizukibbb
0
690
AIエージェント時代に備える AWS Organizations とアカウント設計
Avatar for Hajime KOSHIRO kossykinto
3
1k
モブプログラミング再入門 ー 基本から見直す、AI時代のチーム開発の選択肢 ー / A Re-introduction of Mob Programming
Avatar for TAKAKING22 takaking22
5
1.5k
20260311 技術SWG活動報告(デジタルアイデンティティ人材育成推進WG Ph2 活動報告会)
Avatar for OpenID Foundation Japan oidfj
0
350
OCI Security サービス 概要
Avatar for oracle4engineer oracle4engineer
PRO
2
13k
猫でもわかるKiro CLI(AI 駆動開発への道編)
Avatar for Hiroo Katoh kentapapa
0
220
AWSの資格って役に立つの?
Avatar for Hiroki Takatsuka tk3fftk
2
340

Featured

See All Featured
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
Avatar for David Carrasco davidcarrasco
0
86
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
Avatar for Tomoya Matsuura tomoyanonymous
2
550
Money Talks: Using Revenue to Get Sh*t Done
Avatar for Nikki Halliwell nikkihalliwell
0
180
The Illustrated Guide to Node.js - THAT Conference 2024
Avatar for David Neal reverentgeek
1
310
Odyssey Design
Avatar for Ryan Kendrick rkendrick25
PRO
2
550
Digital Ethics as a Driver of Design Innovation
Avatar for Per Axbom axbom
PRO
1
220
Done Done
Avatar for chrislema chrislema
186
16k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
55
12k
Tips & Tricks on How to Get Your First Job In Tech
Avatar for Honza Javorek honzajavorek
0
450
Darren the Foodie - Storyboard
Avatar for Kevinho.art khoart
PRO
3
2.9k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
75
5.1k
Ten Tips & Tricks for a 🌱 transition
Avatar for Manu Carrasco Molina stuffmc
0
88

Transcript

  1. ͳͥฏจύεϫʔυ͸
 /(ͳͷ͔ QVEEJOH 1

  2. ʂ ࠷ۙɼ ʮฏจύεϫʔυʯ ͕Α͘χϡʔεʹͳ͍ͬͯΔ 2

  3. 3 IUUQTUFDIOJLLFJCQDPKQBUDMOYUNBHOD

  4. 4 IUUQTXXXJUNFEJBDPKQFOUFSQSJTFBSUJDMFTOFXTIUNM

  5. ? ʮฏจʯͬͯԿʁ 5

  6. ʮฏจʯ 6 ˔ ʮͻΒͿΜʯ·ͨ͸ʮ΁͍ͿΜʯ ˔ ҉߸ԽͳͲ͕ࢪ͞Ε͍ͯͳ͍จࣈྻ ˔ 8FCͷจ຺ʹ͓͍ͯ͸Ϣʔβͷೖྗͦͷ··ͷจࣈྻͱ ߟ͑ͯྑ͍ ˔

    ฏจύεϫʔυ͸ͭ·ΓɼϢʔβ͕ೖྗͨ͠ύεϫʔυΛ ͦͷ··อଘͯ͠ೝূʹ࢖༻͍ͯ͠Δɼͱ͍͏͜ͱ

  7. ? ͳͥฏจύεϫʔυ͸
 ʢྲྀग़͍ͯ͠ͳͯ͘΋ʣ
 μϝͳͷʁ 7

  8. ฏจύεϫʔυͰ૝ఆ͞ΕΔ͜ͱ 8 ˔ ྲྀग़ͨ͠ͱ͖ͷӨڹ͕େ͖͍ ˓ ύεϫʔυͷ࢖͍ճ͠͸ଟ͍ʢଞαʔϏεʹӨڹʣ ˓ ϩάΠϯ͞ΕΔͱ΍ΒΕ์୊ʢউखʹ঎඼Λങ͏౳ʣ ˔ ࣾһʹύεϫʔυΛ೺Ѳ͞ΕΔ

    ˓ ݟͣ஌Βͣͷଞਓ͕ࣗ෼ͷ
 ΞΧ΢ϯτʹϩάΠϯՄೳ͔΋
 ஌Εͳ͍ ˔ ௨ৗͷݸਓ৘ใʹൺ΂ͯ୯ͳΔྲྀग़ʹ
 ཹ·Βͳ͍ඃ֐ʹͳΓಘΔ

  9. ? Ͳ͏΍ͬͯϢʔβͷ ύεϫʔυ͕ਖ਼͍͜͠ͱΛ ͔֬Ί͍ͯΔͷʁ 9

  10. 10 ԿΒ͔ͷख๏ Ϣʔβ͔Βͷೖྗ ݩͷจࣈྻΛ༰қʹ
 ਪఆͰ͖ͳ͍จࣈྻ TEGBTEIPTJEG IPHF Ϣʔβ͔Βͷೖྗ IPHF TEGBTEIPTJEG

    0,

  11. ϋογϡԽ 11 ˔ ϋογϡؔ਺ͱ͸ɼ೚ҙͷσʔλ͔Βܾ·ͬͨσʔλ௕ ͷෆنଇͳ஋Λग़ྗ͢Δؔ਺ ˓ ͋Δจࣈྻ͔Β͸ৗʹಉ͡஋͕ग़ྗ͞ΕΔ ˓ ग़ྗ͞Εͨ஋͔ΒݩͷจࣈྻΛਪଌ͢Δ͜ͱ͕
 ʢൺֱతʣ೉͍͠

    ˔ σʔλϕʔεʹ͸ϋογϡԽͨ͠จࣈྻͷΈΛอଘ͓͖ͯ͠
 Ϣʔβͷೖྗͨ͠ύεϫʔυΛಉ͡ํ๏ͰϋογϡԽ͠ɼ
 Ұக͢Ε͹ೝূ੒ޭ

  12. ιϧτ 12 ˔ ϋογϡԽ͚ͩͰ͸·ͩऑ͍ ˓ ํ๏ʹΑͬͯ͸ղಡ͞ΕΔՄೳੑ༗Γ ˓ $3:153&$΍/*45ͷਪ঑͢Δख๏Λ࢖͓͏
 IUUQTXXXDSZQUSFDHPKQ ˔

    ιϧτͱ͍͏ϥϯμϜͳจࣈྻΛ෇Ճͯ͠ϋογϡԽ ˓ طʹจࣈྻ㲗ϋογϡ஋ͷؔ܎͕෼͔͍ͬͯΔ৔߹ʹରͯ͠ ΋༗ޮʢ߈ܸଆʹιϧτͷ಺༰͕࿙Εͳ͍ݶΓʣ ˓ ७ਮʹύεϫʔυ௕͕௕͘ͳΔͷͰղಡʹ͕͔͔࣌ؒΔ

  13. ετϨονϯά 13 ˔ ϋογϡͱιϧτ͚ͩͰ͸·ͩ؁͍ ˓ ۙ೥͸ڧྗͳܭࢉࢿݯΛ׆༻ͨ͠ߴ଎ͳ૯౰ͨΓ͕ߦΘΕΔ ˓ ΑΓղಡʹ͕͔͔࣌ؒΔΑ͏ʹ͢Δ ˔ ϋογϡԽͷॲཧΛ਺ઍʙ਺ສճ܁Γฦ͢

    ˓ ετϨονϯάͷճ਺ʹରͯ͠ઢܗతʹղಡ͕࣌ؒ
 ͔͔ΔΑ͏ʹͳΔ ˓ ετϨονϯάͷճ਺ʢʹղಡ࣌ؒͷ૿Ճʣ͸
 ॲཧʹ͔͔Δ࣌ؒͷ௕͞ͱͷτϨʔυΦϑ

  14. ·ͱΊ ˔ ฏจύεϫʔυ͸μϝ ˔ ύεϫʔυ͸࠷௿ݶιϧτ෇͖ϋογϡԽΛߦ͍ɼߋʹ ετϨονϯάͯ͠ڧ౓Λ্͛Δ ˓ ࠓ͸͜ΕͰྑ͍ͱ͞Ε͍ͯΔ͕ɼະདྷͰ͸
 ͞Βʹڧ౓Λ্͛Δ͜ͱ͕ٻΊΒΕ͍ͯΔ͔΋ ˔

    ࣗ෼ͷ࢖͏ύεϫʔυ͸Ͱ͖Δ͚ͩ௕͘͢Δ ˓ ෳࡶ͞ʢ࢖͏จࣈछͷଟ͞ʣΑΓ΋௕͕͞ॏཁ 14

  15. ͓·͚ ˔ %KBOHP͸ύεϫʔυΛͲ͏΍ͬͯอଘ͍ͯ͠Δͷ͔CZ 3ZVKJ5TVUTVJ
 IUUQTMJOLNFEJVNDPN01[W,:2Q7 ˔ ʰମܥతʹֶͿ҆શͳ8FCΞϓϦέʔγϣϯͷ࡞Γํ ୈ൛੬ऑੑ͕ੜ·ΕΔݪཧͱରࡦͷ࣮ફʱ
 IUUQTXXXBNB[PODPKQEQ SFGDN@TX@FN@S@NU@EQ@6@F/$C$(485

    15