Discussion in 'privacy technology' started by Minimalist, Apr 21, 2015.
From what is stated in the article, it sounds like the pool is shared by every system. What if a system admin from company A gets the PW database from company B? He can still run PW guesses against the pool since everyone has equal access. PW guessing would generate high traffic into the pool so, in theory, it would set off network monitoring alarms. As with everything else, security will depend on implementation.
Of course the NSA will want to have a copy of the pool at their data center...
Yes it all depends on implementation. Admin from company A would probably get single password hash from company B but wouldn't know which company is this and also probably wouldn't know where to use it.
Separate names with a comma.