Just two quick updates today:
1. A Correction To Last Tuesday’s Post
In Off the Record: Passwords, I recommended the use of SHA1 rather than MD5 hashes when storing passwords. Since then, I have encountered a persuasive argument in favor of abandoning both of them and using bcrypt instead, as it’s designed to be less time-efficient, thus dramatically reducing the number of potential passwords that a brute-force attack can attempt in a given amount of time.
As this can make your passwords much more secure against attackers while still keeping single-hash generation running at a reasonable pace, I have revised that post to recommend the use of bcrypt over SHA1 where available.
2. I’m Not Disappearing
New posts to this blog have slowed down substantially over the last couple weeks because the stockpile which I prepared prior to launching the blog have all been published and my new writing process, which I expect to work out much better in the long run, is taking longer than the old one to produce completed posts, ready to publish. If all goes as it appears that it will, the rate of new posts should pick up again by the end of next week if not sooner.
![[Post to Twitter]](http://nomadnetinc.com/blog/wp-content/plugins/tweet-this/icons/tt-micro4.png){kind=icon}
![[Post to Plurk]](http://nomadnetinc.com/blog/wp-content/plugins/tweet-this/icons/tt-plurk-micro4.png){kind=icon}
![[Post to Digg]](http://nomadnetinc.com/blog/wp-content/plugins/tweet-this/icons/tt-digg-micro4.png){kind=icon}
![[Post to ping.fm]](http://nomadnetinc.com/blog/wp-content/plugins/tweet-this/icons/tt-ping-micro4.png){kind=icon}
