The latest news in the Ruby and Rails community.


Episode #280

June 12th, 2012

Don't get LeakedIn, secure your routes, use your Savon, catch a Tokaido, put your models in a Display Case, and join the Ruby Study Hall.


Insecure Passwords

It’s been a bad week for passwords. LinkedIn, eHarmony, and a bunch of other major sites have been caught with their pants down over the last few months by hackers who exploited some rookie mistakes.

Many of these breaches were due to passwords either being stored in plain text or not being salted when they were hashed.

Richard Schneeman from Heroku goes over the basic solutions to increase password security in a Rails app in a great blog post he published a few days ago. He shows how a simple solution like Devise can allow you to turn a database full of unhashed & unsalted passwords into a secure one gradually and without asking users to reset them.

Instead of forcing users to change their passwords all at once, he simply waits until a user signs in, checks if they have a legacy insecure password and proceeds to convert their password to the new secure storage offered by Devise.
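The sign-in-time conversion described above, as an added example that is not code from Schneeman's post or from Devise. It assumes the legacy column holds an unsalted SHA-1 hex digest, and it uses PBKDF2 from Ruby's standard library as a stand-in for the bcrypt storage Devise uses by default; the `User` struct and its field names are hypothetical.

```ruby
require "openssl"
require "securerandom"
require "digest"

# Constructed in-memory record. legacy_sha1 is a hypothetical column holding an
# unsalted SHA-1 hex digest; password_hash holds the new salted, slow hash.
User = Struct.new(:email, :legacy_sha1, :password_hash)

ITERATIONS = 210_000 # assumption: tune the work factor to your hardware

# Salted, deliberately slow hash (PBKDF2 here; Devise itself defaults to bcrypt).
# The salt and iteration count are stored with the digest so it can be re-derived.
def strong_hash(password, salt = SecureRandom.hex(16), iter = ITERATIONS)
  dk = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, 32, OpenSSL::Digest.new("SHA256"))
  "pbkdf2-sha256$#{iter}$#{salt}$#{dk.unpack1('H*')}"
end

# Constant-time comparison so a mismatch does not leak its position via timing.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns true on a valid login. A user who still has only a legacy digest is
# upgraded in place, because sign-in is the one moment the plaintext is available.
def authenticate(user, password)
  if user.password_hash
    _scheme, iter, salt, _digest = user.password_hash.split("$")
    return secure_compare(strong_hash(password, salt, iter.to_i), user.password_hash)
  end
  return false unless user.legacy_sha1 &&
                      secure_compare(Digest::SHA1.hexdigest(password), user.legacy_sha1)
  user.password_hash = strong_hash(password) # store the new salted hash
  user.legacy_sha1 = nil                     # and drop the weak digest
  true
end
```

Accounts that never sign in again keep their legacy digest, so a migration like this still needs a plan for dormant users, such as expiring the old column after a cutoff.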


Previous Episodes

Episode #279

Fabrication goes 2.0, Ruby is faster than other dynamic languages, make rounded corners with RubyMotion, The dRuby Book, and rubygems-tasks on this episode of Ruby5!

Episode #278

Ruby on Rails has Scheduled a Food Fight Motion. And, with the help of their Sidekiq, they'll Survey the damage made by Installing Utils on OS X. It's all on this episode of Ruby5.

Episode #277

A recap of a couple of fun 'you got your music in my ruby' tools, a few gem updates, and a few useful gems to add to your toolbox on this edition of Ruby5. We recorded before the announcement, but it's worth noting that Rails 3.2.5 was released last night.

Episode #276

We put our Claws on AWS, resuscitate Resque workers, make Little Classes out of Big Ones while Cedar goes GA, Dokuen gives you your own little Heroku and your Ruby Talks creepy to you.


This podcast is produced and distributed by Code School. Copyright © 2015 Code School LLC