Categories
Security

Building and using FIPS capable OpenSSL in Apache Tomcat

This step-by-step guide shows the way to smoothly build FIPS capable OpenSSL library for use in the FIPS 140-2 compliant Tomcat server on Windows machines. What is FIPS 140-2? The Federal Information Processing Standard 140-2 is a security standard published by the National Institute of Standards and Technology (NIST), covering specification of security requirements for […]

Categories
Security

Secure password storage

Most systems today need to handle the user authentication. That means, the password entered during user registration must be stored in the system for later comparison. It is obvious that the passwords must not be stored in plain-text form. In that case, if an attacker succeeded in getting access to the database, where these passwords are […]