New nopCommerce security plugin makes passwords virtually impossible to steal
October 2, 2017
Cybersecurity is constantly changing making it difficult to ensure your data and passwords are secure. As a business with a login page, the PR nightmare that ensues when a breach occurs makes it critical to have the proper cyber security plan in place.
For many years, best practice has been to protect passwords by using computational power to slow down the hashing process. The current nopCommerce application uses a password hashing algorithm called SHA1 which is the same hashing algorithm Linkedin was using when they were breached via an offline attack in 2012. When BlindHash is implemented on your nop website, passwords become virtually impossible to be stolen via an offline dictionary attack.
SO WHY SHOULD YOU USE BLINDHASH FOR YOUR NOPCOMMERCE SITE? THE BETTER QUESTION IS ...
REASON #1 - BlindHash can save you BIG MONEY, just ask Yahoo how they lost $350M: In 2013 & 2014, Yahoo suffered major breaches that ended up costing them over $350 million in their sale to Verizon. Sure Yahoo is a huge company, but the cost of a data breach can be catastrophic to any business. With 43% of cyber attacks targeting small businesses and 60% of small businesses that are attacked going out of business within 6 months, it's time for all businesses to get their cyber plans in place. BlindHash's patented technology should be a piece to everyone's cyber security defense system because it negates the threat of an offline attack.
REASON #2 - BlindHash makes Consumers Happy: Consumers today are tired of hearing that their password must be eight characters long, include a symbol, number and a capital letter. Only to then be told that they can't use the same password they have on other websites and they must change it every 90 days. It's no surprise that password resets receive the largest call volumes at support help desks. And let's face it, most consumers are going to use the same password on multiple sites, so businesses should do everything they can to properly secure their user's passwords and avoid the class action lawsuits that are becoming more and more prevalent when data breaches occur.
REASON #3 - BlindHash is a Simple Add On to Your Existing nopCommerce Site: BlindHash is a plugin to your existing nop website. It usally takes less than 30 minutes to install and is a very affordable addition to your existing defense mechanisms. The best part is, it's invisible to the end-user because there is no password reset and causes zero interruption in your daily activities.
Want to learn more about how our technology works? Visit our website or our extension page on the nop marketplace.