Yep, we've had a discussion in the past about that exact article: http://shiro-user.582556.n2.nabble.com/Securing-passwords-emails-credit-cards-etc-td6229449.html
The following two articles address the principles behind the article in detail, and how the same benefits are achieved in Apache Shiro today. They also explain even more secure ways to store the password than what is recommended in the codahale.com article: Part 1: http://www.katasoft.com/blog/2011/04/04/strong-password-hashing-apache-shiro Part 2: http://www.katasoft.com/blog/2011/06/07/strong-password-hashing-part-2 Cheers, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com On Fri, Jul 1, 2011 at 10:22 AM, Alan D. Cabrera <[email protected]> wrote: > Interesting. > > http://codahale.com/how-to-safely-store-a-password/ > > > Regards, > Alan
